spamassassin a possible security risk?
Mike Burger
mburger at bubbanfriends.org
Tue Oct 19 17:10:22 UTC 2004
On Tue, 19 Oct 2004, Thomas Zehetbauer wrote:
> On Mon, 2004-10-18 at 21:36 -0500, John Thompson wrote:
> > Not on my FreeBSD machine:
> >
> > Oct 18 21:27:30 amayatra spamd[51657]: info: setuid to root succeeded
> > Oct 18 21:27:30 amayatra spamd[51657]: Still running as root: user not
> > specified with -u, not found, or set to root. Fall back to nobody.
>
> Looks like you are ignoring two important security recommendations:
> 1.) never work as root
> 2.) root get's no mail
Root could get mail, but that's not the important thing.
Spamd, itself, is not what's at issue in that message...it's actually
spamc, or another program that is connecting to spamd in the same way
spamc is.
For example, the citadel project (http://www.citadel.org) can and will
check incoming messages through a direct connection to spamd. However,
while the citserver process runs as user "bbs" (at least on my system),
the connection to spamd is reported, by spamd, as coming from root, and I
see exactly the same message as above.
I'm not aware of any actual security issues, however, from a spamc type
client connecting to spamd as 'root'.
--
Mike Burger
http://www.bubbanfriends.org
Visit the Dog Pound II BBS
telnet://dogpound2.citadel.org or http://dogpound2.citadel.org
To be notified of updates to the web site, visit
http://www.bubbanfriends.org/mailman/listinfo/site-update, or send a
message to:
site-update-request at bubbanfriends.org
with a message of:
subscribe
More information about the users
mailing list