From f33875c3a0a0ef03a2e53cfcd339791b793151f0 Mon Sep 17 00:00:00 2001 From: Phil Pennock Date: Tue, 9 May 2017 16:00:58 -0400 Subject: Add option commandline_checks_require_admin May help with scenarios already so broken that bug report 2118 is actually an issue (Wordpress vuln). --- doc/doc-txt/ChangeLog | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'doc/doc-txt/ChangeLog') diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 2078b3521..4bc5235ec 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -78,6 +78,14 @@ JH/12 Fix check on SMTP command input synchronisation. Previously there were or prompt from Exim (running as a server), due to that code's lack of awareness of the SMTP input buferring. +PP/04 Add commandline_checks_require_admin option. + Exim drops privileges sanely, various checks such as -be aren't a + security problem, as long as you trust local users with access to their + own account. When invoked by services which pass untrusted data to + Exim, this might be an issue. Set this option in main configuration + AND make fixes to the calling application, such as using `--` to stop + processing options. + Exim version 4.89 ----------------- -- cgit v1.2.3
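Review bot: The PP/04 entry never states what commandline_checks_require_admin does once it is set. The added text explains why checks such as -be are normally harmless and when they might not be, but a reader cannot tell which command-line checks become restricted, who may still run them (admin users, going only by the option name), or what the default is. Suggest opening the entry with one sentence giving the effect and the default, and citing bug 2118 in the entry as the commit message does, so the ChangeLog is self-contained. Separately, "Exim drops privileges sanely, various checks such as -be aren't a security problem" is a comma splice; "Because Exim drops privileges sanely, various checks such as -be aren't a security problem" reads more clearly.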