Package: exim4-config Version: 4.44-2 Severity: wishlist
A warning should be issued if the configuration contains sensitive information and CFILEMODE allows world-read (and some option isn't suppressing the warning); such as the presence of any exim options prefixed with "hide", or perhaps even just the presence of lines such as "mysql_servers" and similar (in this case, that line is likely to contain a database user/password that users show not be able to see). (previous closed bug relevent to this issue: #203320) It is relatively easy for someone to come along many months later and alter their configuration to include sensitive information and forget that these files turn into a /var/log/exim4/config.autogenerated that may no longer have desirable permissions. Also, people used to other exim installations or inheriting an already configured system that may not be familiar with this method of doing the configuration. -- Package-specific info: Exim version 4.44 #1 built 27-Jan-2005 13:55:35 Copyright (c) University of Cambridge 2004 Berkeley DB: Sleepycat Software: Berkeley DB 4.2.52: (December 3, 2003) Support for: iconv() IPv6 GnuTLS Lookups: lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmnz dsearch nis nis0 passwd Authenticators: cram_md5 plaintext Routers: accept dnslookup ipliteral manualroute queryprogram redirect Transports: appendfile/maildir/mailstore autoreply lmtp pipe smtp Fixed never_users: 0 Configuration file is /var/lib/exim4/config.autogenerated -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.11-1-686 Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1) Versions of packages exim4-config depends on: ii adduser 3.63 Add and remove users and groups ii debconf [debconf-2.0] 1.4.30.11 Debian configuration management sy ii passwd 1:4.0.3-30.10 change and administer password and -- debconf information excluded -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]