Bug#321462: exim4-config: Issue a warning if CFILEMODE allows world-read and config file has any hide options

Andreas Metzler ametzler at downhill.at.eu.org
Sun Aug 7 09:02:04 UTC 2005


tags 321462 wontfix
thanks
On 2005-08-05 Florian Weimer <fw at deneb.enyo.de> wrote:
> * Dave E. Martin:
>> A warning should be issued if the configuration contains sensitive
>> information and CFILEMODE allows world-read (and some option isn't
>> suppressing the warning); such as the presence of any exim options
>> prefixed with "hide", or perhaps even just the presence of lines
>> such as "mysql_servers" and similar (in this case, that line is
>> likely to contain a database user/password that users show not be
>> able to see).

> The presence of such a warning would just give a false sense of
> security, I fear.  By is nature, it would be very unreliably.  Even
> Exim itself doesn't know in some cases which strings in the
> configuration file are passwords, for example.

My thoughts exactly.
                 cu andreas
-- 
"See, I told you they'd listen to Reason," [SPOILER] Svfurlr fnlf,
fuhggvat qbja gur juveyvat tha.
Neal Stephenson in "Snow Crash"
                                           http://downhill.aus.cc/




More information about the Pkg-exim4-maintainers mailing list