https://bugs.exim.org/show_bug.cgi?id=2941
--- Comment #3 from ivanov17 <[email protected]> --- Thank you for your explanation. I think there are some things which need to be worked on. First, it should be documented that Exim has options that don't allow string expansions. When I read documentation, I think: well, I can use that solution. But if I try to implement this, I see that it doesn't work. I think every option that doesn't allow string expansions should have a corresponding comment. Second, if some Exim options don't have any security reasons for disabling string expansion, it should be allowed. This will make Exim more flexible and configurable. Third, using environment variables may be safer in some scenarios than in others. If I set deliver_drop_privilege to true, it reduces several kinds of the risks. In this case, some actions prohibited in other cases could be allowed. Finally, it would be nice to have an official recommends to build Exim container images. This recommendation can be described in a separate chapter of the Exim documentation. There is also an interesting way that is used in 389 Directory Sever, because containerizing of LDAP server is not a trivial task. They provide an official script for container images building as part of the 389DS distribution. It comes as a part of any 389DS package in the any Linux distribution. I'll really appreciate if we would have something like that for Exim. -- You are receiving this mail because: You are on the CC list for the bug. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
