On Mon, 21 Feb 2005 11:41:55 -0500
John Peacock <[EMAIL PROTECTED]> wrote:
> The other thing that could be done is to make the return of temp_file
> be a subclass of IO::File, so a single hash entry could be both the
> filename and the filehandle, but it isn't such a big deal to open the
> file (and there may be plenty of times when you want to hand the
> filename to an external program to fill, rather than using it
> internally).
Just one thought: I'm using the clamav plugin to scan mails, but changed
it to use the faster clamdscan instead of clamscan. That required two
changes:
- put the clamav daemon user in the smtpd group.
- add a 'chmod 0640, $filename;' in plugins/virus/clamav before
executing clamdscan.
What would happen if the patch looked like
+ # Make sure the spool dir has appropriate rights
+ if (-e $spool_dir) {
+ my ($mode,$gid) = (stat($spool_dir))[2,5];
+ die "Permissions on spool_dir $spool_dir are not 0750" if $mode &
07027;
+ die "Group of spool_dir $spool_dir is not $)" unless ( $gid ==
$) );
+ }
hmm... $) and $( are both "$qgid $qgid" ... but it works anyway
[...snip...]
+sub temp_dir {
+ my $self = shift;
+ my $dirname = $self->temp_file();
+ -d $dirname or mkdir($dirname, 0750)
+ or die "Could not create temporary directory $dirname: $!";
+ return $dirname;
+}
...and let the admin be responsible for just putting the right
(virus scanner) users into the smtpd group.
Hanno
