http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5728
------- Additional Comments From [EMAIL PROTECTED] 2007-11-27 13:57 -------
(In reply to comment #6)
> (In reply to comment #5)
> > Now, does anyone have an opinion on whether we should be checking for -u or
> > that
> > $> != 0?
>
> can you clarify?
This whole section of code hurts my brain.
I believe under the current code, you can't run
"spamd --vpopmail" or "spamd --virtual-config-dir" as a non-root user. We
specifically check to see if these options are used without the "--username"
option and die.
With my change, this also applies to "spamd --sql-config" and "spamd
--ldap-config".
The quick fix (I think) is to wrap this code (and the like)
if ( $opt{'vpopmail'} ) {
if ( !$opt{'username'} ) {
die "spamd: cannot use --vpopmail without -u\n";
}
}
with an "if ($setuid_to_user) {}" or "if ($> == 0) {}" block.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
