Bug#695820: /usr/sbin/exipick: not setuid

Jasen Betts jasen at xnet.co.nz
Thu Dec 13 02:51:16 UTC 2012 

Package: exim4-base
Version: 4.72-6+squeeze2
Severity: normal
File: /usr/sbin/exipick


exipick is not installed setuid, and as a result people granted 
mail administrator privileges in the exim config file are 
not able to use it.  This is a shame as it is more capable (and less 
buggy) than exiqgrep, which they can use.

I don't know if it's safe to make exipick setuid. my work-around has
been to use sudo in nopasswd: mode.

-- Package-specific info:
Exim version 4.72 #1 built 12-May-2011 18:13:11
Copyright (c) University of Cambridge, 1995 - 2007
Berkeley DB: Berkeley DB 4.8.30: (April  9, 2010)
Support for: crypteq iconv() IPv6 GnuTLS move_frozen_messages DKIM
Lookups: lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmnz dnsdb dsearch nis nis0 passwd
Authenticators: cram_md5 plaintext
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore autoreply lmtp pipe smtp
Fixed never_users: 0
Size of off_t: 8
GnuTLS compile-time version: 2.8.6
GnuTLS runtime version: 2.8.6
Configuration file is /var/lib/exim4/config.autogenerated
# /etc/exim4/update-exim4.conf.conf
#
# Edit this file and /etc/mailname by hand and execute update-exim4.conf
# yourself or use 'dpkg-reconfigure exim4-config'
#
# Please note that this is _not_ a dpkg-conffile and that automatic changes
# to this file might happen. The code handling this will honor your local
# changes, so this is usually fine, but will break local schemes that mess
# around with multiple versions of the file.
#
# update-exim4.conf uses this file to determine variable values to replace
# the DEBCONFsomethingDEBCONF strings in the configuration template files.
#
# Most settings found in here do have corresponding questions in the
# Debconf configuration, but not all of them.
#
# This is a Debian specific file

dc_eximconfig_configtype='smarthost'
dc_other_hostnames='gonzo:reversiblemaps.ath.cx:jasen.is-a-geek.org'
dc_local_interfaces='127.0.0.1;192.168.2.4'
dc_readhost='xnet.co.nz'
dc_relay_domains=''
dc_minimaldns='false'
dc_relay_nets='127.0.0.0/8'
dc_smarthost='smtpcorp.com'
CFILEMODE='644'
dc_use_split_config='false'
dc_hide_mailname='true'
dc_mailname_in_oh='true'
dc_localdelivery='mail_spool'
mailname:jasen.is-a-geek.org

-- System Information:
Debian Release: 6.0.6
  APT prefers stable
  APT policy: (990, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores)
Locale: LANG=en_NZ.UTF-8, LC_CTYPE=en_NZ.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages exim4-base depends on:
ii  adduser                 3.112+nmu2       add and remove users and groups
ii  cron                    3.0pl1-116       process scheduling daemon
ii  debconf [debconf-2.0]   1.5.36.1         Debian configuration management sy
ii  exim4-config [exim4-con 4.72-6+squeeze2  configuration for the Exim MTA (v4
ii  libc6                   2.11.3-4         Embedded GNU C Library: Shared lib
ii  libdb4.8                4.8.30-2         Berkeley v4.8 Database Libraries [
ii  lsb-base                3.2-23.2squeeze1 Linux Standard Base 3.2 init scrip
ii  netbase                 4.45             Basic TCP/IP networking system

Versions of packages exim4-base recommends:
ii  bsd-mailx [mailx]  8.1.2-0.20100314cvs-1 simple mail user agent
ii  heirloom-mailx [ma 12.4-2                feature-rich BSD mail(1)
ii  mailx              1:20081101-2          Transitional package for mailx ren
ii  perl-modules       5.10.1-17squeeze3     Core Perl modules
ii  psmisc             22.11-1               utilities that use the proc file s

Versions of packages exim4-base suggests:
ii  bsd-mailx [mail-re 8.1.2-0.20100314cvs-1 simple mail user agent
pn  exim4-doc-html | e <none>                (no description available)
pn  eximon4            <none>                (no description available)
ii  file               5.04-5+squeeze2       Determines file type using "magic"
ii  icedove [mail-read 3.0.11-1+squeeze13    mail/news client with RSS and inte
ii  jed [mail-reader]  1:0.99.19-2           editor for programmers (textmode v
ii  mutt [mail-reader] 1.5.20-9+squeeze2     text-based mailreader supporting M
ii  openssl            0.9.8o-4squeeze13     Secure Socket Layer (SSL) binary a
pn  spf-tools-perl     <none>                (no description available)
pn  swaks              <none>                (no description available)
ii  xjed [mail-reader] 1:0.99.19-2           editor for programmers (x11 versio

-- Configuration Files:
/etc/logrotate.d/exim4-paniclog changed [not included]

-- debconf-show failed

More information about the Pkg-exim4-maintainers mailing list