Package: spampd Version: 2.30-1 Severity: important Hi,
at first I have to thank you for the - so far - well working spampd. Something I've waited for for a long time. After installing there popped two things in my eyes: 1. weird %s in syslog: For every scanned mail spampd generates several lines like Dec 20 04:59:31 one spampd[5490]: %s in the log. After looking through the resolved bugs I think this could probably be a result of the fix introduced in #332259, probably it's unnessessary now due to changes in the perl libraries!? That's only a guess. 2. spamassassin/autolearn uses /root/.spamassassin After checking the output of spampd in the emails I've seen an autolearn=failed entry from spamassassin. Starting spampd in debugging mode showed, that spampd's spammassassin tries to put it's stuff into /root/.spamassassin/: [28638] dbg: config: using "/root/.spamassassin/user_prefs" for user prefs file [28638] dbg: bayes: no dbs present, cannot tie DB R/O: /root/.spamassassin/bayes_toks [28638] dbg: bayes: no dbs present, cannot tie DB R/O: /root/.spamassassin/bayes_toks [28638] dbg: locker: safe_lock: created /root/.spamassassin/auto-whitelist.lock.one.recluse.de.28638 [28638] dbg: locker: safe_lock: trying to get lock on /root/.spamassassin/auto-whitelist with 0 retries [28638] dbg: locker: safe_lock: link to /root/.spamassassin/auto-whitelist.lock: link ok [28638] dbg: auto-whitelist: tie-ing to DB file of type DB_File R/W in /root/.spamassassin/auto-whitelist [28638] dbg: locker: safe_unlock: unlink /root/.spamassassin/auto-whitelist.lock This works while starting the daemon - seems it's still running as root at this time, but as soon as it has given up root rights and it's running as spampd it should be unable to access /root/.spamassassin, at least on a well configured system. [pid 31947] stat("/root/.spamassassin/bayes_toks", 0x508550) = -1 EACCES (Permission denied) [pid 31947] stat("/root/.spamassassin/bayes_toks.db", 0x508550) = -1 EACCES (Permission denied) [pid 31947] stat("/root/.spamassassin", 0x508550) = -1 EACCES (Permission denied) [pid 31947] stat("/root/.spamassassin", 0x508550) = -1 EACCES (Permission denied) [pid 31947] mkdir("/root/.spamassassin", 0700) = -1 EACCES (Permission denied) [pid 31947] stat("/root/.spamassassin", 0x508550) = -1 EACCES (Permission denied) This bug is a bit critical imho, such a daemon should not even try to access stuff in /root. To fix this spampd needs a home-directory (like /var/lib/spampd or something like that) and the spamassassin part should be loaded as the user spampd - or is there any reason to do this before giving up root rights? Unfortunately I can't come up with a path for this - my knowledge of perl is much much too minimal. If you need any more informations or if you have a bugfix to test please let me know. Best regards, Bernd Zeimetz -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (500, 'testing'), (500, 'stable') Architecture: amd64 (x86_64) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.14.2-grsec Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages spampd depends on: ii adduser 3.80 Add and remove users and groups ii dpkg 1.13.11 package maintenance system for Deb ii libnet-server-perl 0.89-1 An extensible, general perl server ii perl 5.8.7-7 Larry Wall's Practical Extraction ii spamassassin 3.1.0a-1 Perl-based spam filter using text spampd recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]