From ec5a0394762d1da895a6410e864c714b11726367 Mon Sep 17 00:00:00 2001 From: Phil Pennock Date: Wed, 9 Jun 2010 01:30:16 +0000 Subject: [PATCH] Minor doc updates: * -bmalware, note that not running as invoking user and emphasize that it's for debugging Exim, not for general scanning. * permit_codedump ? coRedump. * Anon SSL lacking cert has been confirmed, fix works, remove the "(I believe)" (which also might have been inferred to mean I did the diagnosis; I didn't, I just convinced myself that Martin's analysis was correct). --- doc/doc-docbook/spec.xfpt | 10 ++++++++-- doc/doc-txt/ChangeLog | 8 ++++---- 2 files changed, 12 insertions(+), 6 deletions(-) diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 837813cec..7d2ae02d2 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -1,4 +1,4 @@ -. $Cambridge: exim/doc/doc-docbook/spec.xfpt,v 1.85 2010/06/07 08:42:15 pdp Exp $ +. $Cambridge: exim/doc/doc-docbook/spec.xfpt,v 1.86 2010/06/09 01:30:16 pdp Exp $ . . ///////////////////////////////////////////////////////////////////////////// . This is the primary source of the Exim Manual. It is an xfpt document that is @@ -3183,7 +3183,13 @@ using the malware scanning framework. The option of av_scanner influences this option, so if av_scanner's value is dependent upon an expansion then the expansion should have defaults which apply to this invocation. Exim will have changed working directory before resolving the filename, so using fully -qualified pathnames is advisable. This option requires admin privileges. +qualified pathnames is advisable. Exim will be running as the Exim user +when it tries to open the file, rather than as the invoking user. +This option requires admin privileges. + +The &%-bmalware%& option will not be extended to be more generally useful, +there are better tools for file-scanning. This option exists to help +administrators verify their Exim and AV scanner configuration. .vitem &%-bt%& .oindex "&%-bt%&" diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 9f4a63470..f486e025b 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -1,4 +1,4 @@ -$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.630 2010/06/07 08:42:15 pdp Exp $ +$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.631 2010/06/09 01:30:16 pdp Exp $ Change log file for Exim from version 4.21 ------------------------------------------- @@ -19,13 +19,13 @@ PP/03 Bugzilla 994: added openssl_options main configuration option. PP/04 Bugzilla 995: provide better SSL diagnostics on failed reads. -PP/05 Bugzilla 834: provide a permit_codedump option for pipe transports. +PP/05 Bugzilla 834: provide a permit_coredump option for pipe transports. PP/06 Adjust NTLM authentication to handle SASL Initial Response. PP/07 If TLS negotiated an anonymous cipher, we could end up with SSL but - without a peer certificate (I believe), leading to a segfault because of - an assumption that peers always have certificates. Be a little more + without a peer certificate, leading to a segfault because of an + assumption that peers always have certificates. Be a little more paranoid. Problem reported by Martin Tscholak. PP/08 Bugzilla 926: switch ClamAV to use the new zINSTREAM API for content -- 2.30.2