In the last episode (Feb 10), Don Armstrong said:
> On Thu, 10 Feb 2011, Adam Katz wrote:
> > On 02/10/2011 10:21 AM, David F. Skoll wrote:
> > > Aieee.... popen() in security-sensitive software!??!??
> > >
> > > Also, why does the milter process run as root? That seems like a huge
> > > hole all by itself.
> >
> > Does this affect sendmail as well as postfix?
>
> It only affects you if you're running with -x. This was patched in
> Debian and Redhat in March of 2010.
>
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=573228
I thought I committed the patch to CVS, but apparently hadn't. It's
committed now, and I'll do a release this weekend.
--
Dan Nelson
[email protected]
_______________________________________________
Spamass-milt-list mailing list
[email protected]
http://lists.nongnu.org/mailman/listinfo/spamass-milt-list
