tags 321462 wontfix
thanks
On 2005-08-05 Florian Weimer <[EMAIL PROTECTED]> wrote:
> * Dave E. Martin:
>> A warning should be issued if the configuration contains sensitive
>> information and CFILEMODE allows world-read (and some option isn't
>> suppressing the warning); such as the presence of any exim options
>> prefixed with "hide", or perhaps even just the presence of lines
>> such as "mysql_servers" and similar (in this case, that line is
>> likely to contain a database user/password that users show not be
>> able to see).
> The presence of such a warning would just give a false sense of
> security, I fear. By is nature, it would be very unreliably. Even
> Exim itself doesn't know in some cases which strings in the
> configuration file are passwords, for example.
My thoughts exactly.
cu andreas
--
"See, I told you they'd listen to Reason," [SPOILER] Svfurlr fnlf,
fuhggvat qbja gur juveyvat tha.
Neal Stephenson in "Snow Crash"
http://downhill.aus.cc/
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
