[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: spamassassin a possible security risk?



On Mon, 2004-10-18 at 21:36 -0500, John Thompson wrote:
> Not on my FreeBSD machine:
> 
> Oct 18 21:27:30 amayatra spamd[51657]: info: setuid to root succeeded
> Oct 18 21:27:30 amayatra spamd[51657]: Still running as root: user not
> specified with -u, not found, or set to root.  Fall back to nobody.

Looks like you are ignoring two important security recommendations:
1.) never work as root
2.) root get's no mail

Tom

-- 
  T h o m a s   Z e h e t b a u e r   ( TZ251 )
  PGP encrypted mail preferred - KeyID 96FFCB89
      finger thomasz hostmaster org for key

Those, who are willing to give up essential liberty
for the sake of short-term security
deserve neither liberty nor security.
                                - Benjamin Franklin



Attachment: signature.asc
Description: This is a digitally signed message part


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]