Bug#321462: exim4-config: Issue a warning if CFILEMODE allows
world-read and config file has any hide options
Andreas Metzler
ametzler at downhill.at.eu.org
Sun Aug 7 09:02:04 UTC 2005
tags 321462 wontfix
thanks
On 2005-08-05 Florian Weimer <fw at deneb.enyo.de> wrote:
> * Dave E. Martin:
>> A warning should be issued if the configuration contains sensitive
>> information and CFILEMODE allows world-read (and some option isn't
>> suppressing the warning); such as the presence of any exim options
>> prefixed with "hide", or perhaps even just the presence of lines
>> such as "mysql_servers" and similar (in this case, that line is
>> likely to contain a database user/password that users show not be
>> able to see).
> The presence of such a warning would just give a false sense of
> security, I fear. By is nature, it would be very unreliably. Even
> Exim itself doesn't know in some cases which strings in the
> configuration file are passwords, for example.
My thoughts exactly.
cu andreas
--
"See, I told you they'd listen to Reason," [SPOILER] Svfurlr fnlf,
fuhggvat qbja gur juveyvat tha.
Neal Stephenson in "Snow Crash"
http://downhill.aus.cc/
More information about the Pkg-exim4-maintainers
mailing list