On Wed, 2019-09-11 at 11:15 +0000, Andy Smith wrote:
> Hi John,
>
> On Wed, Sep 11, 2019 at 11:28:27AM +0100, John Winters wrote:
> > Presumably if your exim is not running as root, then the most it
> > can give is
> > access as your exim user?
>
> Are there setups where Exim doesn't run as root? Normally it runs as
> root in order to do local delivery as the required user.
>
> If you have no local delivery then my understanding is that you
> aren't vulnerable to this bug, because it relies on writing bad data
> into a file that a later delivery agent processes.
>
> Cheers,
> Andy
>
Hi,
Hope I'm not hijacking - but it seems like a good point. In default
debian Exim doesn't run as root. For example: my exim (on debian) runs
as user Debian-exim.
ps axu|grep exim
Debian-+ 2231 0.0 0.0 33264 4156 ? Ss Sep08 2:06
/usr/sbin/exim4 -bd -q30m
Debian-+ 3277 0.0 0.0 33368 3680 ? S 12:20 0:00
/usr/sbin/exim4 -bd -q30m
It drops privileges once it opened the ports.
But to be fair, I don't want people executing code as user Debian-exim
either on my machine, thus I patched quickly.
Disclaimer: I switched to exim from sendmail & postfix 20 years ago,
forgive me please if I sound a bit biased by now...
Conrad