http://bugzilla.spamassassin.org/show_bug.cgi?id=3577
Summary: SIGHUP doesn't work if non-root and priv port
Product: Spamassassin
Version: SVN Trunk (Latest Devel Version)
Platform: Other
OS/Version: other
Status: NEW
Severity: normal
Priority: P5
Component: spamc/spamd
AssignedTo: [EMAIL PROTECTED]
ReportedBy: [EMAIL PROTECTED]
I was just noticing that if you do something like:
root# spamd -u nobody -d
which launches spamd as user "nobody". Then you send a SIGHUP to the parent,
the restart will fail (can't bind to the default port 783) and the spamd process
dies. This will happen for any setting of "-p" < 1024 ...
This usually isn't an issue, since people seem to have linked "-u non-root" and
"-p non-priv". So I think for 3.0 we can just document the issue, and can go
ahead and fix it for 3.1 after the branch opens.
My suggestion: We really ought to have the parent stay with privilege (root)
all the time, and have the kids drop privilege (if -u specified) ASAP when they
get spawned. This doesn't cause a security issue per se since all the parent
does is control the children -- users/network connections talk to the children
only. (if this is an issue for anyone, note that 'httpd', for one, does it this
way...)
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
