http://bugzilla.spamassassin.org/show_bug.cgi?id=3586
------- Additional Comments From [EMAIL PROTECTED] 2004-07-13 11:44 ------- BTW see also this thread on perl5-porters: http://archive.develooper.com/[email protected]/msg95384.html http://archive.develooper.com/[email protected]/msg95385.html http://archive.develooper.com/[email protected]/msg95387.html aha! the MacOS X behaviour is a confirmed perl bug -- perl#24122: http://www.xray.mpe.mpg.de/mailing-lists/perl5-porters/2003-10/msg00495.html Anyway. Theo -- perl -e 'sub p {print "RUID: $<, EUID: $>\n";} p; $< = 1000; $> = 1000; p;' doesn't work on FreeBSD? that's whta that spfd thread suggests... if that at least works on FreeBSD, we can throw in a kludge for that, fixing half of the problem OSes ;) It may work where "$>=1000; $<=1000;" doesn't, because of the ordering. '1) Instead of spamd doing die, it really ought to just throw a loud warning, and return "fail". This is, after all, just a rule.' -1. In this situation, we do not want the helper apps to run as root. We should ensure that they do not get to run. IMO, "die" and it's exception-like semantics are the best way to do that, rather than risking that a "return 0" may be lost/ignored along the call stack. Note that the die's are already caught and do not effect other rules anyway. However, if the 'throw a loud warning, and return "fail"' idea is implemented in terms of catching that specific "die" using an eval { } block in the helper-app running code, and turning it into a prettier error message, then +1, that'd be fine ;) However I agree it'll need doco -- probably a top FAQ item. re: autodetecting -- agreed this doesn't really seem to be possible. You can't even detect at install time unless we get the user to run "make test" as root, and I'm -1 on that idea. ;) PS: for setuid reference docs: http://www.cs.berkeley.edu/~hchen/paper/usenix02.html also some stuff about saved userIDs (argh!): http://www.xray.mpe.mpg.de/mailing-lists/perl5-porters/2004-05/msg00699.html ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
