Hallo, Martin Steigerwald schrieb am Sat 21. Oct, 12:04 (+0200): > Package: dspam > Version: 3.6.8-4
Version 3.6.8-8 > Severity: important > > Instead of compiling my own dspam I decided to use the latest debian > package. > > First I fixed lots of permissions problems: Although dspam executable > is set gid like this > > deepdance:~> ls -l /usr/bin/dspam > -rwxr-sr-x 1 dspam dspam 92196 2006-10-19 22:54 /usr/bin/dspam > > It can't read /etc/dspam/dspam.config unless I do chmod a+r on it. > > brk(0) = 0x805f000 > brk(0x8080000) = 0x8080000 > umask(06) = 022 > open("/etc/dspam/dspam.conf", O_RDONLY) = -1 EACCES (Permission denied) No, this is a problem of strace or better a security feature. strace uses debugging stuff to examine processes and a process that is examined with debugging stuff drops all it's privileges. You can't examine suid and sgid processes with strace (and ltrace). > It also cannot write to /var/spool/dspam unless I do chmod a+rwx on it. Same reason. > I did dspam_stats -H martin and fixed permissions again. This is a bug in the package. dspam_stats must get the sgid bit, too. > Then I also created missing directories > > mkdir -p /var/spool/dspam/opt-in/local/martin.dspam > chmod -R a+rwx /var/spool/dspam/opt-in/ > mkdir -p /var/spool/dspam/opt-out/local/martin.dspam > chmod -R a+rwx /var/spool/dspam/opt-out/ It was enough at me to change owner and group of these directories to dspam:dspam, but I had to create them. > Then I even copied a prefs file so fix the last error in strace: > cp -a /etc/dspam/default.prefs /var/spool/dspam/data/local/martin/martin.prefs That wasn't necessary at me. Bye, Jörg. -- Dummheit anprangern ist ungefährlich, weil sich niemand angegriffen fühlt.
signature.asc
Description: Digital signature http://en.wikipedia.org/wiki/OpenPGP