Charlie Brady wrote: > > > > On Thu, 22 Jan 2009, Robert Spier wrote: > > > Adam Prime wrote: > >> > >> Robert Spier wrote: > >>> Matt Sergeant wrote: > >>>> Should we "fix" qpsmtpd config loading to check for file permissions > >>>> as described in: http://use.perl.org/~Alias/journal/38319 ? > >>> We'd have to have a config setting to say what the appropriate config > >>> settings should be. :) > >> > >> You could at least confirm that the file isn't world writable. > > > > That would be a safe compromise. > > But still very wasteful of system calls (and CPU). There are a million > ways an admin could shoot herself in the foot - why should we check > for this particular one over and over?
I just don't see how this particular test is going to be 'very wasteful' in the scope of qpsmtpd -- an app that will spend most of it's time waiting on network io or backend (spamassassin) io. I don't really care if we add this check or not -- I just don't see how it's going to hurt, and if we're that concerned about doing a stat every time we open a file to read it, then we probably have other performance issues to fix. Or we could just cache the stat lookup and confirm it every few minutes. -R
