Bug#795459: exim4: Security problem: cannot symlink client.passwd to secure storage

Andreas Metzler ametzler at bebt.de
Fri Aug 14 17:10:43 UTC 2015


On 2015-08-14 Juergen Pfennig <info at j-pfennig.de> wrote:
> Package: exim4
[...]
> * I would like to store passwd.client in an encrypted folder.

> * Cannot use hard-links to different fs, sym-links are silently ignored
> * by exim.

> * As a result I get a security problem because I cannot use a secure,
> * encrypted folder to store the passwords.

> Did somebody try to do something good by blocking symlinks? Anyhow, you
> end up with an insecure configuration (clear text passwords in unsecure
> storage).
[...]

Hello,

Symlinks are not blocked in general:

argenau:/etc/exim4# ls -l passwd
-rw-r----- 1 root Debian-exim 58 Aug 17  2011 passwd
argenau:/etc/exim4# mv  passwd passwd.file ; ln -s  passwd.file  passwd ; ls -l passwd ls -l passwd.file
ls: cannot access ls: No such file or directory
lrwxrwxrwx 1 root root        11 Aug 14 19:02 passwd -> passwd.file
-rw-r----- 1 root Debian-exim 58 Aug 17  2011 passwd.file
ametzler at argenau:~/$ swaks -s localhost --auth --auth-user user --auth-password secret -q auth
=== Trying localhost:25...
=== Connected to localhost.
<-  220 ip6-localhost ESMTP Exim 4.86 Fri, 14 Aug 2015 19:03:09 +0200
 -> EHLO argenau.downhill.at.eu.org
<-  250-ip6-localhost Hello localhost [127.0.0.1]
<-  250-SIZE 52428800
<-  250-8BITMIME
<-  250-PIPELINING
<-  250-AUTH CRAM-MD5
<-  250-STARTTLS
<-  250-PRDR
<-  250 HELP
 -> AUTH CRAM-MD5
<-  334 [deleted]
<-  235 Authentication succeeded
 -> QUIT
<-  221 ip6-localhost closing connection
=== Connection closed with remote host.
(I have also tried with passwd.file on another filesystem.)


Is the file and directory where your symlink points to readable for
the exim user or group? What does the logfile say?

cu Andreas
-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
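To work through the question above (is every directory on the way to the symlink's target searchable, and the target itself readable, for the exim user), here is a small diagnostic shell function; it is an added example, not part of the thread or of exim4, and it assumes GNU coreutils (`readlink -f`, `df -P`, `ls`, `su`):

```shell
# check_cred_path LINK [USER]
# Resolves LINK (e.g. /etc/exim4/passwd.client) to its final target and
# reports what a reader of the file needs: every parent directory must be
# searchable (x bit), the target readable, and both sides may live on
# different filesystems (an encrypted mount versus /etc). With a USER
# argument and root privileges it also performs the read test as that user,
# which is the check that matters for the Debian-exim account.
# Last line of output is "target: PATH"; exit 0 on success, 2 for a dangling
# link, 1 when the read test as USER fails.
check_cred_path() {
    link=$1
    user=$2
    target=$(readlink -f -- "$link") || return 2
    if [ ! -e "$target" ]; then
        echo "dangling symlink: $link -> $target" >&2
        return 2
    fi
    # Walk up from the target: each parent directory needs the search bit
    # for the owner/group/other class that the reading user falls into.
    dir=$target
    while [ "$dir" != / ] && [ "$dir" != . ]; do
        dir=$(dirname -- "$dir")
        ls -ld -- "$dir"
    done
    # Show the link and the real file (mode, owner, group).
    ls -l -- "$link" "$target"
    # Which filesystem each side sits on; differs when the target is on an
    # encrypted or otherwise separate mount.
    df -P -- "$link" "$target" | awk 'NR > 1 { print "fs:", $1, "mounted on", $NF }'
    if [ -n "$user" ] && [ "$(id -u)" -eq 0 ]; then
        # Run the readability test with the privileges of the service user.
        if su -s /bin/sh -c "test -r '$target'" "$user"; then
            echo "readable as $user: yes"
        else
            echo "readable as $user: NO" >&2
            return 1
        fi
    fi
    echo "target: $target"
}
```

On the system discussed above one would run it as root, e.g. `check_cred_path /etc/exim4/passwd.client Debian-exim`; any directory listed without an `x` bit for the exim user's class, or a "NO" from the read test, explains why exim cannot use the file.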


