From d0b966c27cd340188eef270b52f7edc34f833e1b Mon Sep 17 00:00:00 2001 From: =?utf8?q?Arkadiusz=20Mi=C5=9Bkiewicz?= Date: Wed, 10 May 2017 08:19:25 +0200 Subject: [PATCH] - rel 2; backport commandline_checks_require_admin option (workaround for holes like last one in wordpress) --- exim.spec | 4 +++- exim4.conf | 4 ++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 4c20b9f..f192f43 100644 --- a/exim.spec +++ b/exim.spec @@ -24,7 +24,7 @@ Summary(pl.UTF-8): Agent Transferu Poczty Uniwersytetu w Cambridge Summary(pt_BR.UTF-8): Servidor de correio eletrônico exim Name: exim Version: 4.89 -Release: 1 +Release: 2 Epoch: 2 License: GPL Group: Networking/Daemons/SMTP @@ -57,6 +57,7 @@ Patch3: exim-defs.patch Patch4: %{name}4-Makefile-Default.patch # http://marc.merlins.org/linux/exim/files/sa-exim-cvs/localscan_dlopen_exim_4.20_or_better.patch Patch5: localscan_dlopen_%{name}_4.20_or_better.patch +Patch6: exim-commandline_checks_require_admin.patch Patch8: %{name}-spam-timeout.patch @@ -183,6 +184,7 @@ Pliki nagłówkowe dla Exima. %patch3 -p1 %patch4 -p1 %patch5 -p1 +%patch6 -p2 %patch8 -p1 diff --git a/exim4.conf b/exim4.conf index 5a5f2bf..32ff33d 100644 --- a/exim4.conf +++ b/exim4.conf @@ -218,6 +218,10 @@ tls_advertise_hosts = never_users = root +# This option restricts various basic checking features (like -b* options) +# to require an administrative user. + +commandline_checks_require_admin = true # The setting below causes Exim to do a reverse DNS lookup on all incoming # IP calls, in order to get the true host name. If you feel this is too -- 2.43.0