Dan Mahoney, System Admin wrote: >> >> Definitely not. >> >> Look at the prompts. Miguel is running spamassassin as root. >> >> Miguel is running spamc as root, but spamd will *NEVER* scan mail as >> root. It >> will setuid itself to nobody if it finds this situation. > > > At least, not on a recent version -- this was a rather prominent bug > under many OSen.
Very true, that is a definite caveat to my statement that "spamd will never scan mail as root". I suppose a better statement would be "spamd should never scan mail as root". That said, AFAIK the "many OSen" are limited *BSD variants, including Mac OS X. In this case RedHat is the OS, which is Linux kernel based, which I think is immune to this issue due to differences in how the Linux kernel handles setuid as compared to the BSD kernel.