http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5728
Summary: [review] spamd -q/--sql-config and --ldap-config do not
disable setuid behaviour
Product: Spamassassin
Version: 3.2.3
Platform: Other
OS/Version: other
Status: NEW
Severity: normal
Priority: P5
Component: spamc/spamd
AssignedTo: [email protected]
ReportedBy: [EMAIL PROTECTED]
When using spamd with -q/--sql-config or --ldap-config, spamd currently will try
to use the default setuid behaviour and setuid to the passed in user. This
doesn't really make sense. If we wanted the setuid behaviour, we'd use
-Q/--setuid-with-sql and/or --setuid-with-ldap.
Now, if we're not going to setuid, we should also require -u as we do with
vpopmail or virtual-config-dir. (That said, should we require -u or should we
only require -u if spamd is not run as root?)
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
