Henrik K <[EMAIL PROTECTED]> wrote: > On Thu, May 29, 2008 at 08:50:15AM +0300, Tuomo Soini wrote: >> Mark Martinec wrote: >> | >>> Indeed, thanks for a bug report, amavisd-new-2.6.0 drops privileges >>> too early. Until I have this fixed, please provide a chroot directory >>> through a command line using option -R, e.g.: >> | >> Another problem with 2.6.0 is that it drops privileges too early and >> can't open pid file in /var/run. > > Why /var/run? By default it's $MYHOME/amavisd.pid. From securitys point of > view, there is no reason to write files as root. Or to even start > amavisd as root if you are not chrooting.
The directory a process is chrooted to should *never* be writable by the process itself due to security reasons! I suggest changing $MYHOME/amavisd.pid to something like $MYHOME/var/run/amavisd.pid. ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
