12. [POSSIBLE CONFIG BREAKAGE] ALT_CONFIG_ROOT_ONLY is no longer optional and
is forced on. This is mitigated by the new build option
- TRUSTED_CONFIG_PREFIX_LIST which defines a list of pathname prefices which
- are trusted; if a config file is owned by root and is under that prefix,
- then it may be used by the Exim run-time user.
+ TRUSTED_CONFIG_LIST which defines a list of configuration files which
+ are trusted; one per line. If a config file is owned by root and matches
+ a pathname in the list, then it may be invoked by the Exim build-time
+ user without Exim relinquishing root privileges.
13. [POSSIBLE CONFIG BREAKAGE] The Exim user is no longer automatically
trusted to supply -D<Macro[=Value]> overrides on the command-line. Going
- forward, we recommend using TRUSTED_CONFIG_PREFIX_LIST with shim configs
- that include the main config. As a transition mechanism, we are
- temporarily providing a work-around: the new build option
- WHITELIST_D_MACROS provides a colon-separated list of macro names which
- may be overriden by the Exim run-time user. The values of these macros
- are constrained to the regex ^[A-Za-z0-9_/.-]*$ (which explicitly does
- allow for empty values).
+ forward, we recommend using TRUSTED_CONFIG_LIST with shim configs that
+ include the main config. As a transition mechanism, we are temporarily
+ providing a work-around: the new build option WHITELIST_D_MACROS provides
+ a colon-separated list of macro names which may be overriden by the Exim
+ run-time user. The values of these macros are constrained to the regex
+ ^[A-Za-z0-9_/.-]*$ (which explicitly does allow for empty values).
Version 4.72