On Fri, May 07, 2010 at 02:51:37PM +0200, Stevan Baji?? wrote: > On Fri, 7 May 2010 14:37:49 +0200 > Julien Valroff <jul...@kirya.net> wrote: > > [...] > > Well, both, though you are right, my first thoughts were for the use of > > suExec for the > > WebGUI. > > > The WebGUI is actually doing two things: > 1) reading data from DSPAM_HOME > 2) executing the dspam binary > > To avoid suExec for (1) you need to have ALL data in the database. Not only > quarantine. > To avoid suExec for (2) you could add the web server user to be a trusted > user. > > The WebGUI however would need to be much more complex if everything is in a > database. The UI would need to implement direct access logic to the database. > Right now the WebGUI is storage backend unaware. >
We run the web server as the same user as we run DSPAM as a trusted user to avoid both (1) and (2). It works very well and no suExec needed. Regards, Ken ------------------------------------------------------------------------------ _______________________________________________ Dspam-user mailing list Dspam-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspam-user
