[wplug] SpamAssassin -- user_prefs security hole?
Brandon Kuczenski
brandon at 301south.net
Tue May 25 19:26:43 EDT 2004
The SpamAssassin documentation explains that it is a security risk to
allow individual users to write their own rules:
allow_user_rules { 0 | 1 } (default: 0)
This setting allows users to create rules (and only rules) in their
"user_prefs" files for use with "spamd". It defaults to off,
because this could be a severe security hole. It may be possible
for users to gain root level access if "spamd" is run as root.
Does anyone have an idea why this is? If such a practice is discouraged,
how are individual users supposed to customize their filters? Are they
*not* supposed to? Whyever not?
I just read "Cuckoo's Egg" By Cliff Stoll and am all paranoid about
security now. (would love to have an off-list discussion with someone
about the book, if you've read it -- it's a little dated and kinda
clunkily self-satisfied at the end, but fascinating nonetheless, if you
haven't)
-Brandon
More information about the wplug
mailing list