http://bugzilla.spamassassin.org/show_bug.cgi?id=3586
------- Additional Comments From [EMAIL PROTECTED] 2004-07-13 12:46 ------- Subject: Re: perl setuid fails, breaking spamd in FreeBSD, MacOS X On Tue, Jul 13, 2004 at 11:44:53AM -0700, [EMAIL PROTECTED] wrote: > '1) Instead of spamd doing die, it really ought to just throw a loud warning, > and return "fail". This is, after all, just a rule.' > > -1. In this situation, we do not want the helper apps to run as root. We > should ensure that they do not get to run. IMO, "die" and it's exception-like > semantics are the best way to do that, rather than risking that a "return 0" > may be lost/ignored along the call stack. Note that the die's are already > caught and do not effect other rules anyway. um. right, that's why we would return "fail" and not run the helper app. ;) perhaps this wasn't fully clear in my initial statement. the die() currently happens in a child process, pre running the helper app. there's a filehandle between the child and parent for communication/output from helper app. so instead of calling die(), just close the filehandle and exit (we need to exit anyway since we're a child). do _not_ run the helper app. the calling spamd process will simply get an EOF when trying to read the output, and throw a "read failed" or whatever, and the rule doesn't trigger. btw: if I read the ticket correctly, the die() is apparently _NOT_ caught. that's what causes the sanity check issue via spamc. > re: autodetecting -- agreed this doesn't really seem to be possible. You > can't even detect at install time unless we get the user to run "make test" > as root, and I'm -1 on that idea. ;) ditto. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
