From 74935b987fd0312f535747fea636883ae22fec77 Mon Sep 17 00:00:00 2001
From: David Woodhouse <David.Woodhouse@intel.com>
Date: Wed, 15 Dec 2010 13:47:46 +0000
Subject: Allow only Exim or CONFIGURE_OWNER to use whitelisted configs with -C

We only added TRUSTED_CONFIG_PREFIX_FILE to compensate for the enforcing
of ALT_CONFIG_ROOT_ONLY. Let's not open it up any further than we need to;
other users don't get to make use of it.
---
 doc/doc-txt/ChangeLog | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'doc/doc-txt/ChangeLog')

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 201d9616d..f405cda5f 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -102,6 +102,10 @@ DW/29 Remove use of va_copy() which breaks pre-C99 systems. Duplicate the
       result string, instead of calling string_vformat() twice with the same
       arguments.
 
+DW/30 Allow TRUSTED_CONFIG_PREFIX_FILE only for Exim or CONFIGURE_OWNER, not
+      for other users. Others should always drop root privileges if they use
+      -C on the command line, even for a whitelisted configure file.
+
 
 Exim version 4.72
 -----------------
-- 
cgit v1.2.3