On Wed, 9 Sep 2015 17:27:54 +0200 Marc Richter wrote: > Hi RW, > > > Do you mean that ww is a unix user? The normal way to do this is to > > run spamd as root and run spamc as the unix user. Passing -u to > > spamc is really intended for virtual users, I'm not sure whether it > > works for unix users. Are you sure it worked before? > > ww is a unix user, yes. And it worked before, yes.
Supporting that sounds like a really bad idea. It would mean that any user could make a spamd child run as any unix user they choose - possibly even root. It's an unnecessary risk of privilege escalation. It also gives users too much access to each other's databases. A malicious user would be able to miss-train another user's Bayes or manipulate reputations in TxRep or AWL. It would also be possible to infer some of the contents of another users TxRep database from suitable test emails.
