[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: spamassassin a possible security risk?



On Tue, 19 Oct 2004, Thomas Zehetbauer wrote:

> On Mon, 2004-10-18 at 21:36 -0500, John Thompson wrote:
> > Not on my FreeBSD machine:
> > 
> > Oct 18 21:27:30 amayatra spamd[51657]: info: setuid to root succeeded
> > Oct 18 21:27:30 amayatra spamd[51657]: Still running as root: user not
> > specified with -u, not found, or set to root.  Fall back to nobody.
> 
> Looks like you are ignoring two important security recommendations:
> 1.) never work as root
> 2.) root get's no mail

Root could get mail, but that's not the important thing.

Spamd, itself, is not what's at issue in that message...it's actually 
spamc, or another program that is connecting to spamd in the same way 
spamc is.

For example, the citadel project (http://www.citadel.org) can and will 
check incoming messages through a direct connection to spamd.  However, 
while the citserver process runs as user "bbs" (at least on my system), 
the connection to spamd is reported, by spamd, as coming from root, and I 
see exactly the same message as above.

I'm not aware of any actual security issues, however, from a spamc type 
client connecting to spamd as 'root'.

-- 
Mike Burger
http://www.bubbanfriends.org

Visit the Dog Pound II BBS
telnet://dogpound2.citadel.org or http://dogpound2.citadel.org

To be notified of updates to the web site, visit 
http://www.bubbanfriends.org/mailman/listinfo/site-update, or send a 
message to:

site-update-request bubbanfriends org

with a message of: 

subscribe


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]