Re: exim-using packages - are you relying on -C or -D options?

To: Stephen Gran <sgran@debian.org>
Cc: debian-devel@lists.debian.org
Subject: Re: exim-using packages - are you relying on -C or -D options?
From: Ian Jackson <ijackson@chiark.greenend.org.uk>
Date: Tue, 14 Dec 2010 19:50:44 +0000
Message-id: <[🔎] 19719.51860.848292.372206@chiark.greenend.org.uk>
In-reply-to: <[🔎] 20101214191316.GB20378@varinia.lobefin.net>
References: <[🔎] 20101212145053.GF2099@downhill.g.la> <[🔎] 19717.16407.784422.915704@chiark.greenend.org.uk> <[🔎] 20101213074540.GA13008@varinia.lobefin.net> <[🔎] 19718.3565.160216.465112@chiark.greenend.org.uk> <[🔎] 20101214105319.GA17541@varinia.lobefin.net> <[🔎] 19719.29274.420376.58323@chiark.greenend.org.uk> <[🔎] 20101214191316.GB20378@varinia.lobefin.net>

Stephen Gran writes ("Re: exim-using packages - are you relying on -C or -D options?"):
> It doesn't appear to care about symlinks, from a quick read of exim.c.
> It seems that so long as the directory name for the file passed to it
> matches the configured directory name, it's happy.  I would test this
> rather than relying on my 5 minute guess about which is the right chunk
> of code to read, though :)

Right.  It should probably also refuse to read filenames matching
.* #* *# *~ *.tmp at the very least.  

You wouldn't want to edit your exim.conf to get rid of a security
problem and find that the attacker could just tell it to use the old
file !

Ian.

Reply to:

Follow-Ups:
- Re: exim-using packages - are you relying on -C or -D options?
  - From: Andreas Metzler <ametzler@downhill.at.eu.org>

References:
- exim-using packages - are you relying on -C or -D options?
  - From: Andreas Metzler <ametzler@downhill.at.eu.org>
- Re: exim-using packages - are you relying on -C or -D options?
  - From: Ian Jackson <ijackson@chiark.greenend.org.uk>
- Re: exim-using packages - are you relying on -C or -D options?
  - From: Stephen Gran <sgran@debian.org>
- Re: exim-using packages - are you relying on -C or -D options?
  - From: Ian Jackson <ijackson@chiark.greenend.org.uk>
- Re: exim-using packages - are you relying on -C or -D options?
  - From: Stephen Gran <sgran@debian.org>
- Re: exim-using packages - are you relying on -C or -D options?
  - From: Ian Jackson <ijackson@chiark.greenend.org.uk>
- Re: exim-using packages - are you relying on -C or -D options?
  - From: Stephen Gran <sgran@debian.org>

Prev by Date: Re: Anybody else having problems w/ DNSSEC and ftp.debian.org?
Next by Date: Re: Anybody else having problems w/ DNSSEC and ftp.debian.org?
Previous by thread: Re: exim-using packages - are you relying on -C or -D options?
Next by thread: Re: exim-using packages - are you relying on -C or -D options?
Index(es):
- Date
- Thread