http://bugzilla.spamassassin.org/show_bug.cgi?id=4161
------- Additional Comments From [EMAIL PROTECTED] 2005-05-25 00:01 ------- At first, site-wide bayes requires 777 permission, it is true and works fine including my server. What I mention in this BUG is "group-wide" bayes sharing. I'm a typical UNIX/Linux user, so when I saw the file permission specificantion with octal number in configuration files, I thought that personal/group-wide/system-wide configurations are availbale. IMHO, this feeling is sharable with a lot of UNIX/Linux users/administrators. However, spamd provides personal/system-wide settings now. Usually I make "users" group for real users. Distinguishing daemons from the others is one of the most popular technique for security, especially for fail-safe purpose. If another daemon programme was unfortunately cracked, separated groups could minimize its affection. Actually, perhaps I have no file which has 0777/0666 permission in my machines. Only one exception is spamd related files. Therefore, I prefer to set up spamd for specific group. IMHO, possible solutions are: 1. fix the programme to support group-wide setting. 2. note that spamd doesn't support group-wide DB sharing in the document "README.spamd". In addition, fix the programme to warn the user when the permission 770(or 660) is specified. Anyway, this bug isn't serious for me, so I set "minor" for severity. However, this can be serious for people who really worry about security, and then, the solution no. 2 may be not acceptable for them. Though I can't remember the site, but I found some people who have had problems with group permission. Now, I've found a page (it's not the same one I found before), e.g. http://perlcode.org/lists/vps-mail/msg00898.html ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
