diff options
Diffstat (limited to 'doc/doc-txt/IncompatibleChanges')
-rw-r--r-- | doc/doc-txt/IncompatibleChanges | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/doc/doc-txt/IncompatibleChanges b/doc/doc-txt/IncompatibleChanges new file mode 100644 index 000000000..b578faa5b --- /dev/null +++ b/doc/doc-txt/IncompatibleChanges @@ -0,0 +1,45 @@ +Preamble +======== + +Normally The Exim Maintainers ensure that a configuration which works +with version N will work with version N+1, within a major version number +(eg, 4). + +Occasionally this will not be the case; usually, those changes will be +at the end of a long notice period where admins have been encouraged to +move away and even then, we are hesitant to fully break things without +strong cause to move away. + +This does not apply to "experimental" features, which can be withdrawn +or changed with little notice, although we still endeavour to limit +that. We may choose to note those changes here too. + +The most likely cause of a backwards-incompatible change is a security +improvement, where the benefits for everyone strongly outweigh the needs +of the few. + + +Changes +======= + +Exim version 4.73 +----------------- + + * The Exim run-time user can no longer be root; this was always + strongly discouraged, but is now prohibited both at build and + run-time. If you need Exim to run routinely as root, you'll need to + patch the source and accept the risk. Here be dragons. + + * Exim will no longer accept a configuration file owned by the Exim + run-time user, unless that account is explicitly the value in + CONFIGURE_OWNER, which we discourage. Exim now checks to ensure that + files are not writable by other accounts. + + * ALT_CONFIG_ROOT_ONLY is no longer optional and is forced on; the Exim + user can no longer use -C/-D and retain privilege. + + * The system_filter_user option now defaults to the Exim run-time user, + rather than root. You can still set it explicitly to root and this + can be done with prior versions too, letting you roll versions + without needing to change this configuration option. + |