* Michael Orlitzky:

> (a) we still have a dumb security vulnerability, in that these daemons
> can modify each others' files

That vulnerability has existed ever since the second package came around
and re-used the "milter" user, and to my knowledge nothing bad has come
of it so far.

I have an open PR[1] that the QA checks on GitHub will not allow to pass
unless I migrate milter-regex to using acct-* instead of user.eclass, so
that is what I did.

[1] https://github.com/gentoo/gentoo/pull/13964

> (b) you have to be careful not to do anything in acct-user/milter that
> could break someone's opendmarc setup

Milter-regex only needs a user to isolate the process and its single
configuration file (/etc/milter-regex.conf). My PR adds acct-user/milter
without a home directory, because milter-regex does not need one, nor
does it write anything to disk. It is designed to hold everything in
memory only.

Could that lack of a home directory hurt OpenDMARC? I use OpenDMARC and
milter-regex on the same servers and did not run into problems.

-Ralph
