On 2015-08-14 Juergen Pfennig <i...@j-pfennig.de> wrote: > Package: exim4 [...] > * I would like to store passwd.client in an encrypted folder.
> * Cannot use hard-links to different fs, sym-links are silently ignored > * by exim. > * As a result I get a security problem because I cannot use a secure, > * encrypted folder to store the passwords. > Did somebody try to do something good by blocking symlinks? Anyhow, you > end up with an insecure configuration (clear text passwords in unsecure > storage). [...] Hello, Symlinks are not blocked in general: argenau:/etc/exim4# ls -l passwd -rw-r----- 1 root Debian-exim 58 Aug 17 2011 passwd argenau:/etc/exim4# mv passwd passwd.file ; ln -s passwd.file passwd ; ls -l passwd ls -l passwd.file ls: cannot access ls: No such file or directory lrwxrwxrwx 1 root root 11 Aug 14 19:02 passwd -> passwd.file -rw-r----- 1 root Debian-exim 58 Aug 17 2011 passwd.file ametzler@argenau:~/$ swaks -s localhost --auth --auth-user user --auth-password secret -q auth === Trying localhost:25... === Connected to localhost. <- 220 ip6-localhost ESMTP Exim 4.86 Fri, 14 Aug 2015 19:03:09 +0200 -> EHLO argenau.downhill.at.eu.org <- 250-ip6-localhost Hello localhost [127.0.0.1] <- 250-SIZE 52428800 <- 250-8BITMIME <- 250-PIPELINING <- 250-AUTH CRAM-MD5 <- 250-STARTTLS <- 250-PRDR <- 250 HELP -> AUTH CRAM-MD5 <- 334 [deleted] <- 235 Authentication succeeded -> QUIT <- 221 ip6-localhost closing connection === Connection closed with remote host. (I have also tried with passwd.file on another filesystem.) Is the file and directory where your symlink points to readable for the exim user or group? What does the logfile say? cu Andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure'
