Re: Bayes filter marking everything as ham

Thu, 02 Jun 2016 02:22:37 -0700 


Am 02.06.2016 um 06:48 schrieb Peter Carlson:

In fact, now that I am confident the script is correct and that my email
chain is in fact processing as I would like, I have moved the script
into cron as user amavis.  With amavis having read permissions to the
appropriate folders ($user/{SPAM|HAM}).


i doubt that this will work out over the long, but not my problem


su -c... I'll keep in mind if I ever want to run the script manually



well, i run such scripts as root with cron so that i can make sure 
permissions are 100% correct and then anything else got started with "su"



Although if I run it manually as root is there really a risk?  Are there
any known attacks?  I guess there could be some form of buffer overflow,
or malformed content that causes SA to crash, but it's hard for me to
imagine anything that could possible allow execution of some form of
injected code.  Or is this really just a case of "general best
practices", "run as little as possible as root"?  (Please dont read
anything into my questions, I am truly curious)


it's simply "run as little as possible as root"
i am curious why one would like to run something with full permissions


On 06/01/2016 09:11 PM, Reindl Harald wrote:


Am 02.06.2016 um 05:06 schrieb Peter Carlson:

ok, after over 50 hours of trying to get this work, I finally have a
solution.
The first (certainly not the only) response that was helpful to the
specific problem I posted was:


If that actually *did* get hits on BAYES_00 in this scenario then you
likely are not training the bayes database than SA is actually using.
What user are you training Bayes as, and what user is SA running under?

Both my sa-learn commands (manual and scripted) as well as SA pointed to
the correct db, however it turns out the training I did re-wrote the
ownership of the db files to root.  A little bit of user permission
adminning and that problem was solved.  sigh, way too many hours lost on
a permissions issue


in other words you are running sa-learn as root while it faces by
definition untrusted content from the web in case of spammails

su -c "command" - username





Attachment:
signature.asc

Description: OpenPGP digital signature
























					Reply via email to