On Wed, 27 Oct 2004, Justin Mason wrote:
> Both will break existing usage at other sites; some thought for backwards
> compatibility is required before we could apply those to the distribution.
> In particular, defaulting to only allowing -u for root would break
> a *lot* of existing users running spamc from the MTA.
i think the setgid portion is backward compatible -- it only restricts -u
to root when the executable is installed setgid. otherwise it allows -u
just fine... i'm guessing very few folks use a setgid spamc, but let me
know.
as for the default transport -- i just figured out a local solution
that'll work with pre-packaged SA, so it's no biggie (which is good, i
didn't feel like writing config file parsing code :)
-dean
> > --- spamassassin-3.0.1/spamc/spamc.c.orig 2004-10-22 18:39:18.000000000
> > -0700
> > +++ spamassassin-3.0.1/spamc/spamc.c 2004-10-27 11:53:58.000000000
> > -0700
> > @@ -277,6 +277,10 @@
> > }
> > case 'u':
> > {
> > + if (getuid() && getgid() != getegid()) {
> > + printf("you are running setgid, and -u is permitted only
> > when root\n");
> > + ret = EX_USAGE;
> > + }
> > *username = optarg;
> > break;
> > }
