Public bug reported:
Since the latest release, no PID file is created in /run/exim4/exim.pid
when Exim is run.
No local configuration changes have been made between the working and
non-working versions. The command line arguments are '/usr/sbin/exim4
-bd -q30m', and there are no PID-related configuration arguments set.
Setting SMTPLISTENEROPTIONS='-oP /run/exim4/exim.pid' in
/etc/default/exim produces the correct command-line arguments, but also
does not create the specified PID file.
I presume this is related to the fix for CVE-2020-28014: 'An attacker
who obtained the privileges of the "exim" user can abuse the -oP
override_pid_file_path option to create (or overwrite) an arbitrary
file, as root'.
If this new behaviour is intentional, then the documentation may need
updating.
This is on Ubuntu 20.04, exim version 4.93-13ubuntu1.5. Version
4.93-13ubuntu1.1 (released in May 2020) works correctly.
Thanks!
** Affects: exim
Importance: Unknown
Status: Unknown
** Affects: exim4 (Ubuntu)
Importance: Undecided
Status: New
** Bug watch added: bugs.exim.org/ #2738
http://bugs.exim.org/show_bug.cgi?id=2738
** Also affects: exim via
http://bugs.exim.org/show_bug.cgi?id=2738
Importance: Unknown
Status: Unknown
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1927725
Title:
PID file no longer created
To manage notifications about this bug go to:
https://bugs.launchpad.net/exim/+bug/1927725/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
