Bug#321462: exim4-config: Issue a warning if CFILEMODE allows
world-read and config file has any hide options
Florian Weimer
fw at deneb.enyo.de
Fri Aug 5 21:50:32 UTC 2005
* Dave E. Martin:
> A warning should be issued if the configuration contains sensitive
> information and CFILEMODE allows world-read (and some option isn't
> suppressing the warning); such as the presence of any exim options
> prefixed with "hide", or perhaps even just the presence of lines
> such as "mysql_servers" and similar (in this case, that line is
> likely to contain a database user/password that users show not be
> able to see).
The presence of such a warning would just give a false sense of
security, I fear. By is nature, it would be very unreliably. Even
Exim itself doesn't know in some cases which strings in the
configuration file are passwords, for example.
More information about the Pkg-exim4-maintainers
mailing list