-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
ok, opened as http://bugzilla.spamassassin.org/show_bug.cgi?id=3934 BTW we really need to go via bugzilla to discuss this. history has shown that there are too many issues and patches to deal with via the lists alone, and they *will* get lost that way. - --j. dean gaudet writes: > On Wed, 27 Oct 2004, Justin Mason wrote: > > > Both will break existing usage at other sites; some thought for backwards > > compatibility is required before we could apply those to the distribution. > > In particular, defaulting to only allowing -u for root would break > > a *lot* of existing users running spamc from the MTA. > > i think the setgid portion is backward compatible -- it only restricts -u > to root when the executable is installed setgid. otherwise it allows -u > just fine... i'm guessing very few folks use a setgid spamc, but let me > know. > > as for the default transport -- i just figured out a local solution > that'll work with pre-packaged SA, so it's no biggie (which is good, i > didn't feel like writing config file parsing code :) > > -dean > > > > --- spamassassin-3.0.1/spamc/spamc.c.orig 2004-10-22 18:39:18.000000000 > > > -0700 > > > +++ spamassassin-3.0.1/spamc/spamc.c 2004-10-27 11:53:58.000000000 > > > -0700 > > > @@ -277,6 +277,10 @@ > > > } > > > case 'u': > > > { > > > + if (getuid() && getgid() != getegid()) { > > > + printf("you are running setgid, and -u is permitted only > > > when root\n"); > > > + ret = EX_USAGE; > > > + } > > > *username = optarg; > > > break; > > > } -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Exmh CVS iD8DBQFBgBcXMJF5cimLx9ARAmbxAKC5u7LaQkvO58yErVEefosi+Y6G1QCfbETj rwA7pcLqinF4FAwqF4mDugw= =9/7Q -----END PGP SIGNATURE-----
