Can't write into world-writable directories?

[Peter Guhl <pg...@siconline.ch>]

Cannot write to /root/.spamassassin/user_prefs: Permission denied

/root/.spamassassin/ is world-writable (of course I can't leave it like
this, but apparently this error message points me to the wrong
direction.

FreeBSD 5.4, Spamassassin 3.0.3.

Everybody heard about before? 

Regards
   Peter
-- 
Peter Guhl <pg...@siconline.ch>
NetzWerkCenter GmbH

Re: Can't write into world-writable directories?

[Steven Dickenson <st...@mrchuckles.net>]

Peter Guhl wrote:
> Sendmail, Spamass-Milter.
> 
> After installing spamass-milter it is set to run as root but it has a
> security fallback; it doesn't use root all the time. Maybe that's
> causing this behaviour that it writes into /root/.spamassassin but using
> the user "spamd".

Likely so.  I would set the bayes path explicitly in local.cf 
(bayes_path option) to a certain location, and ensure that this 
"fallback" account that Spamass-Milter is using has write privledges 
there.  I'm not familir with Sendmail or it's milters, so this is all I 
can offer.

- S

Re: Can't write into world-writable directories?

[Peter Guhl <pg...@siconline.ch>]

On Thu, 2005-06-09 at 11:05 -0400, Steven Dickenson wrote:
> Peter Guhl wrote:
> > Well, still... somehow I don't get why the software is running as spamd
> > and tries to write into /root. I wouldn't say anything if the sofware
> > inwvolved wasn't designed to cooperate (spamd, spamass-milter). But -
> > well, it works now.
> 
> Whatever is calling spamc (or interfacing with spamd) is setting the 
> username to root.  This is general a bad thing, IMHO.

Well, you are right. But that's something I can handle if I want - just
didn't have the time yet.

> What MTA are you running?  How are you calling spamassassin?

Sendmail, Spamass-Milter.

After installing spamass-milter it is set to run as root but it has a
security fallback; it doesn't use root all the time. Maybe that's
causing this behaviour that it writes into /root/.spamassassin but using
the user "spamd".

Regards
   Peter

-- 
Peter Guhl <pg...@siconline.ch>
NetzWerkCenter GmbH

Re: Can't write into world-writable directories?

[Steven Dickenson <st...@mrchuckles.net>]

Peter Guhl wrote:
> Well, still... somehow I don't get why the software is running as spamd
> and tries to write into /root. I wouldn't say anything if the sofware
> inwvolved wasn't designed to cooperate (spamd, spamass-milter). But -
> well, it works now.

Whatever is calling spamc (or interfacing with spamd) is setting the 
username to root.  This is general a bad thing, IMHO.

What MTA are you running?  How are you calling spamassassin?

- S

Re: Can't write into world-writable directories?

[Cevher <ce...@yore.com.tr>]

Peter Guhl wrote:

>Nope, it was right. But it needed to explicitly own .spamassassin to
>spamd:spamd. World-writable didn't work... (maybe /root is specially
>protected?).
>
>  
>
/root isn't protected specially, it is protected with file permissions. 
You can't write to /root directory unless you have write and execute 
permissions for the /root directory.

-- 
Cevher Cemal Bozkur
+-+-+-+-+-+-+-+-+-+
YÖRE NET Teknoloji
Tel:+90 212 234 00 90

Re: Can't write into world-writable directories?

[Peter Guhl <pg...@siconline.ch>]

On Thu, 2005-06-09 at 13:03 +0200, Peter Guhl wrote:
> Cannot write to /root/.spamassassin/user_prefs: Permission denied
> 
> /root/.spamassassin/ is world-writable (of course I can't leave it like
> this, but apparently this error message points me to the wrong
> direction.

Nope, it was right. But it needed to explicitly own .spamassassin to
spamd:spamd. World-writable didn't work... (maybe /root is specially
protected?).

Well, still... somehow I don't get why the software is running as spamd
and tries to write into /root. I wouldn't say anything if the sofware
inwvolved wasn't designed to cooperate (spamd, spamass-milter). But -
well, it works now.

Regards
   Peter

-- 
Peter Guhl <pg...@siconline.ch>
NetzWerkCenter GmbH