[wplug] SpamAssassin -- user_prefs security hole?
James O'Kane
jo2y at midnightlinux.com
Wed May 26 12:38:18 EDT 2004
On Wed, 26 May 2004, Brandon Kuczenski wrote:
> I see. That is potent indeed. Is there a way to make spamd not run as
> root?

You could start it as a different user, but the problem would be similar.
Users could run arbitrary perl as the user that is running spamd.

> I was under the impression that the user_prefs file is not even read
> unless allow_user_rules is set. But I just proved myself wrong with a
> simple test.
>
> Do you know how I can access debugging information from spamd? I can't
> figure out where it gets stored, if anywhere. Do I need to attach a
> stderr redirect to the spamd command?

I would look in /var/log/maillog

-james