diff options
author | Phil Pennock <pdp@exim.org> | 2011-01-21 04:12:15 -0500 |
---|---|---|
committer | Phil Pennock <pdp@exim.org> | 2011-01-21 04:12:15 -0500 |
commit | e6acf885b4298622c51fa4af49b3e18838313b5b (patch) | |
tree | 915010601bbab673fe32ed46e79ed2ff084e94b6 /doc/doc-txt/IncompatibleChanges | |
parent | 1670ef10063d7708eb736a482d1ad25b9c59521d (diff) |
IncompatibleChanges out, README.UPDATING updated.
I forgot about README.UPDATING and introduced a new txt file with the
4.73 release, noting incompatible changes. Because these weren't
documented in the normal place, some people missed them. Mea culpa.
Integrated the notes from IncompatibleChanges into README.UPDATING.
Added a note on the ABI of the dynlookups.
Diffstat (limited to 'doc/doc-txt/IncompatibleChanges')
-rw-r--r-- | doc/doc-txt/IncompatibleChanges | 59 |
1 files changed, 0 insertions, 59 deletions
diff --git a/doc/doc-txt/IncompatibleChanges b/doc/doc-txt/IncompatibleChanges deleted file mode 100644 index 2d3394ba3..000000000 --- a/doc/doc-txt/IncompatibleChanges +++ /dev/null @@ -1,59 +0,0 @@ -Preamble -======== - -Normally The Exim Maintainers ensure that a configuration which works -with version N will work with version N+1, within a major version number -(eg, 4). - -Occasionally this will not be the case; usually, those changes will be -at the end of a long notice period where admins have been encouraged to -move away and even then, we are hesitant to fully break things without -strong cause to move away. - -This does not apply to "experimental" features, which can be withdrawn -or changed with little notice, although we still endeavour to limit -that. We may choose to note those changes here too. - -The most likely cause of a backwards-incompatible change is a security -improvement, where the benefits for everyone strongly outweigh the needs -of the few. - - -Changes -======= - -Exim version 4.73 ------------------ - - * The Exim run-time user can no longer be root; this was always - strongly discouraged, but is now prohibited both at build and - run-time. If you need Exim to run routinely as root, you'll need to - patch the source and accept the risk. Here be dragons. - - * Exim will no longer accept a configuration file owned by the Exim - run-time user, unless that account is explicitly the value in - CONFIGURE_OWNER, which we discourage. Exim now checks to ensure that - files are not writable by other accounts. - - * The ALT_CONFIG_ROOT_ONLY build option is no longer optional and is forced - on; the Exim user can, by default, no longer use -C/-D and retain privilege. - Two new build options mitigate this. - - * TRUSTED_CONFIG_LIST defines a file containing a whitelist of config - files that are trusted to be selected by the Exim user; one per line. - This is the recommended approach going forward. - - * WHITELIST_D_MACROS defines a colon-separated list of macro names which - the Exim run-time user may safely pass without dropping privileges. - Because changes to this involve a recompile, this is not the recommended - approach but may ease transition. The values of the macros, when - overriden, are constrained to match this regex: ^[A-Za-z0-9_/.-]*$ - - * The system_filter_user option now defaults to the Exim run-time user, - rather than root. You can still set it explicitly to root and this - can be done with prior versions too, letting you roll versions - without needing to change this configuration option. - - * ClamAV must be at least version 0.95 unless WITH_OLD_CLAMAV_STREAM is - defined at build time. - |