On 16 Apr 2018, at 19:01 (-0400), John Hardin wrote:

> On Mon, 16 Apr 2018, Computer Bob wrote:
>
>> Why should sa-learn not be run as root?
>
> That's a general safe practice. Do as little as root as you possibly can. Why risk a root crack from an unknown bug in sa-learn that somebody has discovered and figured out how to exploit via email?

Right: don't let malicious strangers talk to root, even via email.

ALSO: sa-learn itself won't stop you from running it as root. Without a global bayes_path, it will learn into ~root/.spamassassin/bayes_* files which no other user can access and spamd can't even TRY to use because it refuses to run as root and drops to 'nobody' if run by root. With a global bayes_path, the bayes_* files will become owned by root and everything else trying to use them (i.e. everything) will fail.

--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steady Work: https://linkedin.com/in/billcole
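
An added example, not part of the original message: a POSIX shell check for the failure described above, where a global bayes_path ends up holding bayes_* files that the scanning account does not own. The function names, and the prefix and account shown in the usage comment, are assumptions for illustration.

```shell
#!/bin/sh
# Added example: audit ownership of the Bayes files behind a global bayes_path.
# bayes_path is a filename prefix, so the files are "<prefix>_toks",
# "<prefix>_seen" and so on.
#
# Usage (hypothetical prefix and account):
#   bayes_audit /var/lib/spamassassin/bayes spamd

# bayes_wrong_owner PREFIX OWNER
# Prints each "<PREFIX>_*" regular file that is NOT owned by OWNER.
# OWNER may be a user name or a numeric uid.
bayes_wrong_owner() {
    for f in "$1"_*; do
        [ -f "$f" ] || continue   # glob matched nothing, or not a regular file
        find "$f" -prune ! -user "$2" -print
    done
}

# bayes_audit PREFIX OWNER
# Returns 0 when every file is owned by OWNER, 1 when at least one is not
# (for example after sa-learn was run as root), 2 when no files exist.
bayes_audit() {
    found=0
    for f in "$1"_*; do
        if [ -f "$f" ]; then found=1; fi
    done
    if [ "$found" -eq 0 ]; then
        echo "no Bayes files match ${1}_*" >&2
        return 2
    fi
    bad=$(bayes_wrong_owner "$1" "$2")
    if [ -n "$bad" ]; then
        echo "Bayes files not owned by $2:" >&2
        echo "$bad" >&2
        return 1
    fi
    return 0
}
```

Run it from monitoring or after any manual training session; a return code of 1 means the listed files need their ownership restored before the scanner can use them again.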
