Bug#795459: exim4: Security problem: cannot symlink client.passwd to secure storage
Marc Haber
mh+debian-packages at zugschlus.de
Mon Aug 17 12:32:41 UTC 2015
On Fri, Aug 14, 2015 at 07:10:43PM +0200, Andreas Metzler wrote:
> Symlinks are not blocked in general:
And even if we did, I would suggest tweaking exim configuration to
directly point to secure storage. The client password file is
referenced in the remote_smtp_smarthost router, and the server
password files in the respective authenticators.
We do not have macros for those password file locations yet, though.
You'd need to change configuration directly at the moment.
Greetings
Marc
--
-----------------------------------------------------------------------------
Marc Haber | "I don't trust Computers. They | Mailadresse im Header
Leimen, Germany | lose things." Winona Ryder | Fon: *49 6224 1600402
Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
More information about the Pkg-exim4-maintainers
mailing list