http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5282
------- Additional Comments From [EMAIL PROTECTED] 2007-01-07 13:33 ------- So I think I understand why SpamAssassin runs in taint mode: you wouldn't want joe random user to include new code in their PERL5PATH, then trick spamassassin or spamd into running that code under whatever user the administrator has configured it. At the same time I think that what I'm requesting is not inappropriate. There *are* necessarily unconventional configurations, and the administrator of the system ought to be able to use PERL5LIB or a similar mechanism. What about allowing a PERLLIB-like specification inside init.pre? That file ought to be only accessible to administrators, and it would allow them to include the appropriate directories without opening the door to abuse by their users. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
