Bug#321462: File /var/lib/exim4/config.autogenerated is world readable
Andreas Metzler
ametzler at downhill.at.eu.org
Thu Dec 23 17:58:47 UTC 2010
On 2010-12-23 Olivier Bonvalet <ob.reportbug at daevel.fr> wrote:
[...]
> In current conf, exim4 can't securely be setup to use a DB (except
> file DB, like Sqlite).
[...]
That is already supported perfectly well.
ametzler at argenau:~$ man update-exim4.conf | grep -3 CFILEMODE
NOTES
update-exim4.conf changes the file permissions of the output file to
the value of the environment variable CFILEMODE. If CFILEMODE is nei‐
ther set in /etc/exim4/update-exim4.conf.conf nor in the environment it
defaults to 0644. Change this to 0640 if you are keeping sensitive
information (LDAP credentials et. al.) in there.
cu andreas
More information about the Pkg-exim4-maintainers
mailing list