On Mon, 15 Jul 2013, Jari Fredriksson wrote:
15.07.2013 19:51, Benny Pedersen kirjoitti:
Christian Dysthe skrev den 2013-07-15 15:16:
Spamassassin runs fine but I have one remaining error message in the
logs:
spamd: still running as root: user not specified with -u
spamd uses default port 783, with is below 1024 imho :=)
only ports over 1023 can run as daemons without started as root
if you like to change the problem, i will say apache does the same
problem on port 80, is there any secureity problem with that ?, well
apache start as root yes, but it drops priveledges for port 80 when
started, if spamd does the same its perfectly ok
spamd starts as root anyway, then it changes to the given user. I think
it goes this way.
It uses the Apache model. There is a parent process that runs as root
to manage the sockets which then forks off children as the "-u" user to
actually process the messages. If you don't specify the "-u" user
the children stay as root and it barks at you because it's a potential
security risk.
--
Dave Funk University of Iowa
<dbfunk (at) engineering.uiowa.edu> College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{
