On 05/06/13 05:59, Phil Pennock wrote: > + 7. It has always been implicit in the design and the documentation that > + "the Exim user" is not root. src/EDITME said that using root was > + "very strongly discouraged". This is not enough to keep people from > + shooting themselves in the foot in days when many don't configure Exim > + themselves but via package build managers. The security consequences of > + running various bits of network code are severe if there should be bugs > in > + them. As such, the Exim user may no longer be root. If configured > + statically, Exim will refuse to build. If configured as ref:user then > Exim > + will exit shortly after start-up. If you must shoot yourself in the > foot, > + then henceforth you will have to maintain your own local patches to strip > + the safeties off. > > I think that this is a very reasonable balance: I don't claim to know > your systems well enough to make a better call than you about how to > manage them, but I do claim that if you're going to use our software > (and affect our reputation if there's a security incident) then you'll > need to know how to disengage the safeties before you get to do > something which we *VERY* strongly discourage.
I think that's more than reasonable and would like to say "me too" to keeping the protections in place. It is trivial to revert if necessary, however I think we all seem to agree that any situation which can be fixed by running as root can be fixed in better ways. And no worries Ian; it was someone venting, even if misguided, on topic and not random spam.
signature.asc
Description: OpenPGP digital signature
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
