Bug#817244: exim4-base: cron noise re environment
Matthew Vernon
mcv21 at cam.ac.uk
Tue Mar 15 13:55:16 UTC 2016
On 15/03/16 13:51, Marc Haber wrote:
> On Tue, Mar 15, 2016 at 10:33:40AM +0000, Matthew Vernon wrote:
>> Specifically, it seems that
>>
>> add_environment = <; PATH=/bin:/usr/bin
>>
>> Is what is needed. Maybe the NEWS or README.Debian entry should mention
>> this?
>
> Where is the point where the Debian maintainers can stop thinking
> about people not using the recommended configuration schemes?
It's a fair question; I think if it's not too much effort, it's worth
trying to support what is a not-uncommon pattern.
> I really don't know.
>
> That being said, please send a suggestion.
The current text says:
As part of the fix for CVE-2016-1531 updated Exim versions clean the
complete execution environment by default, affecting Exim and
subprocesses such as transports calling other programs, and thus may
break existing installations. New configuration options
(keep_environment, add_environment) were introduced to adjust this
behavior. The debian configuration adds the macros MAIN_KEEP_ENVIRONMENT
and MAIN_ADD_ENVIRONMENT to easily set these options.
I would suggest adding something like
"Users writing their own configuration rather than Debian's templated
approach will need to configure at least one of keep_environment and
add_environment. A suitable minimal configuration would be:
add_envionment <; PATH=/bin:/usr/bin"
Thanks,
Matthew
More information about the Pkg-exim4-maintainers
mailing list