
Millions of Exim servers vulnerable to root-granting exploit - elorant
https://www.zdnet.com/article/millions-of-exim-servers-vulnerable-to-root-granting-exploit/
======
bellpepper
Why does Exim run as root? Of course it needs to bind to low numbered ports,
but why can't it drop privileges after doing that?

~~~
tmikaeld
I asked this myself more than 10 years ago and then switched to Postfix
because it runs chrooted as it's own user, same with Dovecot.

I never managed to find a good reason as to why it cannot be chrooted.

