On Mon, 2016-04-18 at 11:37 +0100, Jeremy Harris wrote:
> On 18/04/16 01:47, Always Learning wrote: > > I'll add 'PATH' to the keep_environment parameter. > Don't just blindly do it; assess your needs and only > keep what you need. It's a vulnerability attack > surface. 'PATH' was someone else's helpful suggestion :-) (1) I don't understand the purpose of keep_environment. Is it a collection of directory/file strings (separated by colons or semi-colons ?) that Exim uses for launching or calling routines or other programmes ? If so, how will that prevent an unauthorised person gaining system access ? (2) My Exim is in /usr/sbin/exim and it calls, to my knowledge and belief, nothing other than its own Exim routines. It does use /var/spool/exim/ and /var/log/exim/ but neither have executables (binaries or text files marked executable). Is the illuminating wisdom now in the Exim documentation ? Thanks Jeremy. -- Regards, Paul. England, EU. England's place is in the European Union. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
