On 09/03/16 17:07, Cyborg wrote:
> The question is, who stops the attacker from loading a config he likes
> directly into exim WITH the new vars set?

The config filename is compiled-in, or the filename carrying permitted config file names is compiled-in. Also the config file must be owned by root or a user that is compiled-in, and not world-writable. See Chapter 6, first few paragraphs.

-- 
Cheers,
  Jeremy
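
An added example, not part of the message above and not Exim's own code: a Python audit of the two file conditions the reply states (owner is root or another trusted user, and the file is not world-writable). The function name, the `trusted_uids` parameter and the temporary sample file are assumptions; the compiled-in owner is modelled as a uid passed in by the caller.

```python
import os
import stat
import tempfile


def check_config_trust(path, trusted_uids=(0,)):
    """Return the reasons the file fails the checks; an empty list means it passes.

    trusted_uids stands in for "root or a compiled-in user" (assumption:
    the caller supplies the uid that was chosen at build time).
    """
    problems = []
    # Open first and fstat the descriptor, so the checks apply to the file
    # actually opened rather than to whatever the path names a moment later.
    fd = os.open(path, os.O_RDONLY)
    try:
        st = os.fstat(fd)
    finally:
        os.close(fd)
    if st.st_uid not in trusted_uids:
        problems.append(f"owner uid {st.st_uid} is not trusted")
    if st.st_mode & stat.S_IWOTH:
        problems.append("world-writable")
    return problems


def demo():
    """Run the check on a constructed sample file owned by the current user."""
    me = os.getuid()
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "exim.conf")
        with open(path, "w") as f:
            f.write("# constructed sample config\n")
        os.chmod(path, 0o644)
        ok = check_config_trust(path, trusted_uids=(me,))
        # A uid that is not the file's owner: the ownership check must fail.
        wrong_owner = check_config_trust(path, trusted_uids=(me + 1,))
        os.chmod(path, 0o666)
        writable = check_config_trust(path, trusted_uids=(me,))
    return ok, wrong_owner, writable


if __name__ == "__main__":
    for result in demo():
        print(result or "passes")
```

On a real host, call `check_config_trust` with the path and owner your Exim binary was built with; the defaults here only cover root.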
