http://bugzilla.spamassassin.org/show_bug.cgi?id=3926
Summary: spamd now setuid()ing before creating spamd pidfile
Product: Spamassassin
Version: 3.0.1
Platform: Sun
OS/Version: Solaris
Status: NEW
Severity: normal
Priority: P5
Component: spamc/spamd
AssignedTo: [email protected]
ReportedBy: [EMAIL PROTECTED]
When passing the -r argument to spamd to log the PID to disk, spamd seems to now
setuid() to the user specified by the -u argument _first_. This kills the
ability to log the PID to somewhere like /var/run/ prior to dropping privileges.
This behavior seems to exist in the spamd packaged with both SpamAssassin 3.0.0
and 3.0.1, but the 2.6.x releases did not exhibit this. Is this intentional, or
an oversight?
It looks like bug3577 suggests switching to a model where the spamd parent
maintains root privs and only having children setuid(), which would make this
bug a moot point.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
