Your message dated Fri, 15 Jun 2012 07:17:33 +0000
with message-id <[email protected]>
and subject line Bug#623861: fixed in spamassassin 3.3.2-3
has caused the Debian Bug report #623861,
regarding /etc/cron.daily/spamassassin running sa-update as root
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
623861: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=623861
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: spamassassin
Version: 3.3.1-2
Severity: important
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
The cron script (/etc/cron.daily/spamassassin) runs sa-update as root.
However, sa-update pulls spamassassin rules from the net
(updates.spamassassin.org by default). It seems to me that running
sa-update as root is a really BAD idea. I do not want the root user
on my system to be pulling data off of the net if it can be avoided.
And it seems like it can in this case, since sa-update could be run by
a non-priviledged user.
I think that /etc/cron.daily/spamassassin should either be modified to
run sa-update as a non-priviledged user (presumably something like
spamd). Either that or the sa-update portion itself should be run
under the non-priviledged user in /etc/cron.d/spamassassin.
Thanks.
jamie.
- -- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (600, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.32-5-686 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages spamassassin depends on:
pn libarchive-tar-perl <none> (no description available)
ii libdigest-sha1-perl 2.13-1 NIST SHA-1 message digest algorith
ii libhtml-parser-perl 3.68-1 collection of modules that parse H
ii libnet-dns-perl 0.66-2 Perform DNS queries from a Perl sc
ii libnetaddr-ip-perl 4.042+dfsg-1 IP address manipulation module
ii libsocket6-perl 0.23-1 Perl extensions for IPv6
ii libsys-hostname-long-perl 1.4-2 Figure out the long (fully-qualifi
ii libwww-perl 6.01-3 simple and consistent interface to
ii perl 5.10.1-19 Larry Wall's Practical Extraction
ii perl-modules [libio-zlib-pe 5.10.1-19 Core Perl modules
Versions of packages spamassassin recommends:
ii gcc 4:4.5.2-2 The GNU C compiler
ii gnupg 1.4.11-3 GNU privacy guard - a free PGP rep
ii libc6-dev 2.11.2-11 Embedded GNU C Library: Developmen
ii libio-socket-inet6-perl 2.65-1.1 Object interface for AF_INET6 doma
ii libmail-spf-perl 2.007-1 Perl implementation of Sender Poli
ii make 3.81-8.1 An utility for Directing compilati
ii perl [libsys-syslog-perl] 5.10.1-19 Larry Wall's Practical Extraction
ii re2c 0.13.5-1 tool for generating fast C-based r
ii spamc 3.3.1-2 Client for SpamAssassin spam filte
Versions of packages spamassassin suggests:
pn libdbi-perl <none> (no description available)
ii libio-socket-ssl-perl 1.39-1 Perl module implementing object or
pn libmail-dkim-perl <none> (no description available)
pn libnet-ident-perl <none> (no description available)
ii perl [libcompress-zlib-perl] 5.10.1-19 Larry Wall's Practical Extraction
pn pyzor <none> (no description available)
pn razor <none> (no description available)
- -- no debconf information
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBCAAGBQJNsyobAAoJEO00zqvie6q8YlQQAIYkCYJNuGMBZEYKZ1sTmdZy
QrUOzYjTkGOR8bkJ79WLDH0iqx9ZU5DV0kZrfgAsHViXaK4eXLIL2HhTUWTwrR5A
01l0Pd35ZB+UwQMRcUh7wITBXRMHzNJ1pBYtSI8O0M3m3elTS5c6AZH5Iy3QiN/P
c/8o0mq0HzpCPveedzmlw37KuC0ZiDgirT2HK2z2UI6b5M8hOiQMOQEBpfW/StTh
G2D7hvzvCi/3aQvayqRiMJ8PD40n5TGup8i9fyVOuPZN+WZkjgMAXIct+dwumK4p
v9tbttikWp+EoLHcFRdctTQDJp5L6NQRx7jsQnnwPLOtfihNdTQA7oopgQfl9mSk
FHquf4Cie/xD/IjS0sA90XJ5sx7hty0y2WvAkHccj4W5exZvGxGVGOGyaeOhlYCh
OIHY0/6woXIO92YYMeyZFbqBStAvgmJkTPod/b/P/wQiQbR0Ba5sGnZWX7FbpeD4
quCrEzBvlJ82Fmq7LyL1M3nWCoDaEDRjiHex83xkLtNOSoTBPDH4ycv22F8q29Ok
SCr9xX5qHqH18Bq5NSUdOa5zehfz7Cy5XvJMYPDI418WdFDUkyxHmNkH7vEJinDT
ib/M64VWNnl0y2+QY0UuBYABIoZx7FJPnu28TQ2ZVxqh4tVkTHMTQEnoKgu5Xzjv
jVlndR6mJM3kYy28WQID
=dHE1
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
Source: spamassassin
Source-Version: 3.3.2-3
We believe that the bug you reported is fixed in the latest version of
spamassassin, which is due to be installed in the Debian FTP archive:
spamassassin_3.3.2-3.debian.tar.gz
to main/s/spamassassin/spamassassin_3.3.2-3.debian.tar.gz
spamassassin_3.3.2-3.dsc
to main/s/spamassassin/spamassassin_3.3.2-3.dsc
spamassassin_3.3.2-3_all.deb
to main/s/spamassassin/spamassassin_3.3.2-3_all.deb
spamc_3.3.2-3_i386.deb
to main/s/spamassassin/spamc_3.3.2-3_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
[email protected] (supplier of updated spamassassin package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Thu, 14 Jun 2012 23:00:01 -0700
Source: spamassassin
Binary: spamassassin spamc
Architecture: source all i386
Version: 3.3.2-3
Distribution: unstable
Urgency: low
Maintainer: Noah Meyerhans <[email protected]>
Changed-By: [email protected]
Description:
spamassassin - Perl-based spam filter using text analysis
spamc - Client for SpamAssassin spam filtering daemon
Closes: 504154 521064 598573 623861 674016
Changes:
spamassassin (3.3.2-3) unstable; urgency=low
.
* Run sa-update and sa-compile as a non-root user.
(Closes: 623861, 504154)
* Store the default gpg keyring in /var/lib/spamassassin
* Pod cleanup (Closes: 521064)
* Note sa-check_spamd's incompatibility with Nagios EPM (Closes: 598573)
* Adjust perms on /var/lib/spamassassin/compiled after running sa-compile
in the cron.daily, not on all of /var/lib/spamassassin
* Set CFLAGS and LDFLAGS using dpkg-buildflags (Closes: 674016)
Checksums-Sha1:
30a60c2eb461ec32383d2b1df7262156e0fdde52 1463 spamassassin_3.3.2-3.dsc
d596534f8a39a09bd1d44aabb68ae070b8977d32 38232
spamassassin_3.3.2-3.debian.tar.gz
8a94951611f18f02d6b7af56001fc68a47ead0ff 1269248 spamassassin_3.3.2-3_all.deb
3b9f685e968a9b31eeed41cae2d40edad4af4429 75542 spamc_3.3.2-3_i386.deb
Checksums-Sha256:
98b6249bfc5074b71b359ff94fc9e0cc2b140061e3302962a6bd981989cdd88b 1463
spamassassin_3.3.2-3.dsc
bdbfad8fd6f034bcaf317d3cbde6df7203da8c6e985d1966168b9bab48aa5c01 38232
spamassassin_3.3.2-3.debian.tar.gz
10e354489cdd64b6b46285ec8de9d8cbd6563d4476e6430e3637621b9d2b35e4 1269248
spamassassin_3.3.2-3_all.deb
88b0cd0356f49abe147357c57da769fdff56bf1ecac8ff9fe1f50af8f2c85c98 75542
spamc_3.3.2-3_i386.deb
Files:
b0e287d01eef0228c4bffd722fd55409 1463 mail optional spamassassin_3.3.2-3.dsc
8334c67175075ce33c3ed7e000698905 38232 mail optional
spamassassin_3.3.2-3.debian.tar.gz
58eff7c06f237173e83afe5062ed5ad1 1269248 mail optional
spamassassin_3.3.2-3_all.deb
b0aefb27cd5c059b21ac714d6bd41ea5 75542 mail optional spamc_3.3.2-3_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFP2t5+YrVLjBFATsMRAuy6AJ4vrPdyzJekhVU5cS7772iz8iU33wCeNWWN
e1DtT+MDWOhPH7DONPbILqc=
=qiHB
-----END PGP SIGNATURE-----
--- End Message ---