From: Jeremy Harris <jgh146exb@wizmail.org>
Date: Fri, 7 May 2021 12:09:12 +0000 (+0100)
Subject: Suggestion from Qalys:
X-Git-Tag: exim-4.95-RC0~10^2~22
X-Git-Url: https://git.exim.org/exim.git/commitdiff_plain/3109898a5e815a04f505c73b67493ef15d9f0665

Suggestion from Qalys:

If I may add one more thing, there is an issue that should be addressed
sooner rather than later: the writable configuration at the beginning of
the heap. A short-term (and hopefully non-intrusive) solution may be to
mmap() the configuration instead, and then mprotect(PROT_READ) it. This
would mitigate the exploitation technique that almost all Exim exploits
have been using.
---