Kārlis Repsons <karlis.reps...@gmail.com> wrote: > All, > I'd like you to review approximately how I'm running spamd. My concern > is security. You can see that the child processes are run by spamd user, > but the main process is still run by root: > > ps -C spamd -o user,cmd > USER CMD > root /usr/sbin/spamd -d -r /var/run/spamd.pid -m 2 -u spamd > --nouser-config --helper-home-dir=/sysram/spamassassin --allow-tell > spamd spamd child > spamd spamd child > > How secure is that (no I didn't make any crazed chroots or so) and what > would you suggest to isolate spamd from possible outside intrusions? > Thanks...
Do you need spamd changing OS user ids? (e.g. to access ~/.spamassassin/ ) I have used "personal" [single (non root) OS user] spamd without any problems. -- [pl>en: Andrew] Andrzej Adam Filip : a...@onet.eu I have made this letter longer than usual because I lack the time to make it shorter. -- Blaise Pascal
