On Thu, 14 Nov 2002, Michael Stenner wrote: > On Thu, Nov 14, 2002 at 10:41:27AM -0800, Bart Schaefer wrote: > > Nope. Spamc specifically MUST NOT be a setuid executable. Rather, at > > run time it must be able to execute the setuid() [or seteuid()] system > > call, which means it must be running as root > > OK, so there is no way for me to run spamc from my .procmailrc and use > my own scores, rules, and AWL. We WANT that functionality.
The password scheme could be extended to use a per-user password file if spamc and spamd were on the same machine. The important thing is that spamc verify that _it_ is allowed to act either as (a) a trusted pseudo-user or (b) the user it's passing to spamd. Don't ask spamd for privileges spamc itself doesn't have. ------------------------------------------------------- This sf.net email is sponsored by: To learn the basics of securing your web site with SSL, click here to get a FREE TRIAL of a Thawte Server Certificate: http://www.gothawte.com/rd524.html _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
