Bug#321462: File /var/lib/exim4/config.autogenerated is world readable
Olivier Bonvalet
ob.reportbug at daevel.fr
Thu Dec 23 18:33:00 UTC 2010
Le 23/12/2010 18:58, Andreas Metzler a écrit :
> On 2010-12-23 Olivier Bonvalet<ob.reportbug at daevel.fr> wrote:
> [...]
>> In current conf, exim4 can't securely be setup to use a DB (except
>> file DB, like Sqlite).
> [...]
>
> That is already supported perfectly well.
>
> ametzler at argenau:~$ man update-exim4.conf | grep -3 CFILEMODE
> NOTES
> update-exim4.conf changes the file permissions of the output file to
> the value of the environment variable CFILEMODE. If CFILEMODE is nei‐
> ther set in /etc/exim4/update-exim4.conf.conf nor in the environment it
> defaults to 0644. Change this to 0640 if you are keeping sensitive
> information (LDAP credentials et. al.) in there.
>
> cu andreas
arg... thanks ! I missed that part...
More information about the Pkg-exim4-maintainers
mailing list