Axel Rau wrote: > > Am 15.02.2011 um 14:23 schrieb W B Hacker: > >> Axel Rau wrote: >>> >>> Am 14.02.2011 um 19:16 schrieb Phil Pennock: >>> >>>> >>>> Will you settle for 4.76? :) >>> OK. >>> ... >>> >>>> although I do wonder about what happens with DB connections >>>> happening from multiple users, depending on which user Exim was running >>>> as when it opened the connection? >>> >>> You mean a multi-users system, where exim is used for submission? >>> If exim is not setuid root/exim_user then my code won't work >>> in that situation. It requires either setuid executable or an outgoing >>> relay, >>> which would do the job. Same is true with other DB-lookups. >>> All my experience is based on networked clients which connect to a >>> daemon >>> (usually IMAP with submission capability) on a server which has no user >>> accounts on it. >>> >>> Axel >>> --- >>> [email protected] PGP-Key:29E99DD6 +49 151 2300 9283 computing @ chaos >>> claudius >>> >>> >>> >> >> Axel, all... >> >> Coming late to a discussion not of my making .. worse, probably >> forgetting earlier discussions... > Thanks for bringing this back to me, giving me a chance to clarify. >> >> ...but one has never needed setuid root <nor anything else special> to >> write logs or, indeed essentially *anything* into a DB with >> *unpatched* Exim 4.4X onward.. >> >> All that is needed is a valid set of DB access credentials and the use >> of 'INSERT', 'UPDATE', etc (for SQL, anyway...) from anywhere in acl's >> or router/transports. And that's just the built-in route. >> >> Externals can be called as well. >> >> What is it that is seen to be in need of patched/new code? >> >> And should the offered patch be the one thaqt makes the cut if it >> *requires* setuid? > My patch does not change this. > > I'm using FreeBSD ports and what I see: the exim excutable is installed > setuid root and its running as mailnull (which owns spool directory > etc).
ACK for 'vanilla' FreeBSD port. Slightly different for OpenBSD. But ONLY for 'vanilla' ... there are other roads ... > However I'm using ssl to access the db-server and hence in the > home of mailnull (which is /var/spool/mqueue) is a subdirectory > .postgresql with the cert and key files to access the db (instead of a > password in the exim config). This works because my mail servers have no > user accounts and everything is handled by mailnull. > If 'on box', I'd recommend sockets, not IP. If OFF box, not JUST SSL/TLS alone... yadda.... > The decision, to use ssl or not is up the administrator. > > If no ssl being used, then a password must be supplied in the exim > config, which I personally don't like. > > Axel > --- The 'vanilla' method of storing the DB creds in ~/configure is generally 'good enough', especially with 'hide..', plus restricted read perms: -r--r----- 1 root postal 51483 Feb 15 04:33 configure .. and no setuid on the binary. However - w/r DB use in general, from the Exim side, I think this is an edge case either my way OR your way. Nothing wrong with those. But a few minutes to compile from modified source to fit an edge-case should be well justified and all that's needed - not a change to the base. Or at least not THIS change. IMHO, it seems a bit too dependent on broad assumptions and rather narrower in application/payback. Bill Hacker -- ## List details at http://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
