exim4 (4.30-1) unstable; urgency=low

  * Exim now runs under its own uid (Debian-exim) instead of using
    mail:mail.
    WARNING: You cannot downgrade this version to an older one without
    a manual chown|chgrp of all files owned by Debian-exim to mail.
    Security-wise this is a tradeoff:
    - if exim is SUID root and runs without deliver_drop_privilege you
      win: exim's internal data in /var/spool/exim4 is no longer open to
      attacks via bugs in programs that are SGID mail (mail delivery
      agents like deliver or procmail, or MUAs like pine). This is
      Debian's default setup.
    - OTOH if you need to be able to make local deliveries to /var/mail
      and want to run exim with reduced privilege you have some
      additional work to do:
      * Use an SGID MDA for the actual delivery (I suggest maildrop.)
      * Make changes to run exim4 under group mail:
        - exim_group=mail.
        - Hack: make Debian-exim a group with gid=8, i.e. an alias for
          the mail group, _before_ you make the upgrade.
          (groupadd -o -g 8 Debian-exim)

 -- Andreas Metzler  Sun, 7 Dec 2003 13:59:46 +0100
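
A dry-run sketch of the manual chown|chgrp mentioned in the downgrade warning, added here as an example and not taken from the exim4 package. The function names `count_owned` and `plan_reown` are hypothetical, and only /var/spool/exim4 comes from the entry above; any other directory holding Debian-exim files has to be passed in by the admin.

```shell
#!/bin/sh
# Added example: plan for handing Debian-exim-owned files back to mail:mail
# before a downgrade. Nothing is changed; the commands are only printed.

# count_owned user|group ID ROOT -> number of entries under ROOT owned by ID.
# One byte is emitted per match, so odd filenames cannot skew the count.
count_owned() {
    find "$3" -xdev "-$1" "$2" -exec printf . \; | wc -c | tr -d ' '
}

# plan_reown FROM_USER FROM_GROUP TO_USER TO_GROUP ROOT...
plan_reown() {
    fu=$1 fg=$2 tu=$3 tg=$4
    shift 4
    for root in "$@"; do
        if [ ! -d "$root" ]; then
            echo "# $root: not present, skipped"
            continue
        fi
        nu=$(count_owned user "$fu" "$root")
        ng=$(count_owned group "$fg" "$root")
        echo "# $root: $nu entries with owner $fu, $ng with group $fg"
        # chown/chgrp -h re-own a symlink itself instead of its target.
        # The tree was writable by $fu, so a root-run fix-up must not
        # follow links that may have been planted there.
        # (Roots are admin-supplied and assumed free of single quotes.)
        if [ "$nu" -gt 0 ]; then
            echo "find '$root' -xdev -user $fu -exec chown -h $tu {} +"
        fi
        if [ "$ng" -gt 0 ]; then
            echo "find '$root' -xdev -group $fg -exec chgrp -h $tg {} +"
        fi
    done
    return 0
}

# Spool directory named in the NEWS entry; review the output before running it.
plan_reown Debian-exim Debian-exim mail mail /var/spool/exim4
```
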