Bug#818897: Exim4 change CWD string to /

Серж ИвановЪ evasive.gyron at gmail.com
Sun Jun 5 19:18:51 UTC 2016 

On Thu, 21 Apr 2016 19:30:15 +0200 Andreas Metzler <ametzler at bebt.de> wrote:
> On 2016-04-20 Roman Bulakh <bulah.roman at gmail.com> wrote:
> > On 2016-03-27 Andreas Metzler <ametzler at bebt.de> wrote:
> >> On 2016-03-21 Roman Bulakh <bulah.roman at gmail.com> wrote:
> >>> Package: exim4
> >>> Version: 4.80-7+deb7u2
>
> >>> After updates exim to version 4.80-7+deb7u2 exim.c change CWD dir to /
> >>> on startup.
> [...]
> >> /usr/share/doc/exim4-base/changelog.Debian.gz
> >> exim4 (4.80-7+deb7u2) wheezy-security; urgency=high
> >>   * 88_CVE-2016-1531.diff:
> >> [...]
> >>     + Exim changes it's working directory to / right after startup.
> >> [...]
> >>   * 89_01_only_warn_on_nonempty_environment.diff,
> >>     89_02_Store-the-initial-working-directory.diff: Upstream followups
on the
> >>     CVE fix (Thanks, Heiko Schlittermann!):
> >> [...]
> >>     + Store the initial working directory and make it available in the
new
> >>       expansion variable $initial_cwd.
>
>
> >> Sadly I made an error with the latter patch, but it is going to be
fixed
> >> in the next point release. See <https://bugs.debian.org/818225>, you
can
> >> already grab 4.80-7+deb7u3 directly from the mirrors.
> >> http://ftp.at.debian.org/debian/pool/main/e/exim4/
> [...]
>
> > Problem is not fixed. I have exim 4.80-7+deb7u3 but cwd still "cwd=/"
>
> Please re-read my comment. I did not say exim stopped changing to / but
> "Store the initial working directory and make it available in the new
> expansion variable $initial_cwd.".
>
> You'll need to change your config.
>
> cu Andreas
> --
> `What a good friend you are to him, Dr. Maturin. His other friends are
> so grateful to you.'
> `I sew his ears on from time to time, sure'
>
>

Using this code "warn log_message = $initial_cwd" in acl_not_smtp yields
"2016-06-05 13:16:51 1b9V6x-00059W-3B U=root Warning: /"
as apposed to correct behavior,

can you clarify needed config changes, what are we missing here?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-exim4-maintainers/attachments/20160605/8cb28cf3/attachment.html>

More information about the Pkg-exim4-maintainers mailing list