On 3/16/21 4:11 PM, Theo de Raadt wrote:
Renaud Allard wrote:
This is a small patch to try to add a basic pledge() to exim. It also
avoids exim from calling some "inappropriate" ioctls.
This seems to run fine on my server, but I would like a wider testing
and bug reporting if possible.
I'l
Hello,
This is a small patch to try to add a basic pledge() to exim. It also
avoids exim from calling some "inappropriate" ioctls.
This seems to run fine on my server, but I would like a wider testing
and bug reporting if possible.
Thank you
Index: Makefile
===
Stuart Henderson wrote:
> On 2021/03/16 09:28, Theo de Raadt wrote:
> > >
> > > Yes, I know, it's a "better than nothing" solution. I tried to make it
> > > run for all use cases, which is quite wide as you said.
> >
> > Hang on -- it is not "better than nothing". It leaves the programs with
>
On 2021/03/16 09:28, Theo de Raadt wrote:
> >
> > Yes, I know, it's a "better than nothing" solution. I tried to make it
> > run for all use cases, which is quite wide as you said.
>
> Hang on -- it is not "better than nothing". It leaves the programs with
> enough abilities so that, if it got h
On 2021/03/16 16:05, Renaud Allard wrote:
> This is a small patch to try to add a basic pledge() to exim. It also avoids
> exim from calling some "inappropriate" ioctls.
> This seems to run fine on my server, but I would like a wider testing and
> bug reporting if possible.
To my eye the only real
Renaud Allard wrote:
> On 3/16/21 4:11 PM, Theo de Raadt wrote:
> > Renaud Allard wrote:
> >
> >> This is a small patch to try to add a basic pledge() to exim. It also
> >> avoids exim from calling some "inappropriate" ioctls.
> >> This seems to run fine on my server, but I would like a wider te
Renaud Allard wrote:
> This is a small patch to try to add a basic pledge() to exim. It also
> avoids exim from calling some "inappropriate" ioctls.
> This seems to run fine on my server, but I would like a wider testing
> and bug reporting if possible.
I'll step in and say I am really sceptical
