This user switching is for reading per-user configurations only and I think can be mitigated by making the per-user config world readable.
Furthermore from the README.spamd.gz you've mentioned "If a fault is found in spamd or spamassassin code, any third party linked-libraries or imported perl modules there is the potential for abuse of both the running uid of spamd, and the uid of the username supplied by spamc (and this could be any user)." I'm not sure how many LOC but there is quite a slew of extra code with all the plugins that ship with SA. I question if all this code is maintained with the same attention and security awareness as other parts of the mail stack. I know all other parts are not executed as root. Of course statistics wouldn't have hurt ;-). -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to spamassassin in Ubuntu. https://bugs.launchpad.net/bugs/1442087 Title: don't run as root by default To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/spamassassin/+bug/1442087/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
