On 14/09/16 19:42, Phil Pennock wrote: > On 2016-09-11 at 22:41 +0100, Jeremy Harris wrote: >> There's a minor complication in that the -J file is opened in two >> places (as it happens, in a single routine: deliver_messsage()). > > Why is the journal ever being opened as root, instead of as the Exim > run-time user? That seems like a flaw, and a root-cause to be > addressed.
The journal is opened, and plundered for already-delivered addresses, before the system filter is run. And we have options for setting uid & gid for the running of a system filter; since we don't use seteuid() we cannot regain root in order to set the desired uid. So we have to be root... unless we rejig things greatly. -- Cheers, Jeremy -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
