On Thu, 10 Feb 2011, Adam Katz wrote: > On 02/10/2011 10:21 AM, David F. Skoll wrote: > > Aieee.... popen() in security-sensitive software!??!?? > > > > Also, why does the milter process run as root? That seems like a huge > > hole all by itself. > > Does this affect sendmail as well as postfix?
It only affects you if you're running with -x. This was patched in Debian and Redhat in March of 2010. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=573228 Don Armstrong -- "There's no problem so large it can't be solved by killing the user off, deleting their files, closing their account and reporting their REAL earnings to the IRS." -- The B.O.F.H.. http://www.donarmstrong.com http://rzlab.ucr.edu _______________________________________________ Spamass-milt-list mailing list [email protected] http://lists.nongnu.org/mailman/listinfo/spamass-milt-list
