You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2005/07/28 04:07:03 UTC
[Bug 4506] New: spamd needs to call initgroups
http://bugzilla.spamassassin.org/show_bug.cgi?id=4506
Summary: spamd needs to call initgroups
Product: Spamassassin
Version: SVN Trunk (Latest Devel Version)
Platform: Other
OS/Version: other
Status: NEW
Severity: minor
Priority: P5
Component: spamc/spamd
AssignedTo: dev@spamassassin.apache.org
ReportedBy: jm@jmason.org
(moved from bug 4161, since that conflates 2 issues in one bugzilla report...)
Tatsuo Sekine reports:
------- Additional Comment #2 From Tatsuo Sekine 2005-03-01 18:12 [reply] -------
I have still a problem.
I have no time to check the source code, but IMHO, we need initgroups()
after drop privilidge with setuid() in spamd.
I'm sharing bayes DB with group R/W permission
and without world wide R/W permission (2770)
That group is not my primaly group, so initgroups() should be
called before access it.
I don't like world wide readable/writable permission :-<
------- Additional Comment #3 From Tatsuo Sekine 2005-03-01 21:36 [reply] -------
Sorry, but I was confused.
Firstly, I need initgroups() (, which is in C library).
According to "$perldoc perlvar" :
$) The effective gid of this process. If you are on a machine
that supports membership in multiple groups simultaneously,
gives a space separated list of groups you are in. The first
number is the one returned by getegid(), and the subsequent
ones by getgroups(), one of which may be the same as the first
number.
Probably, some people concern about security issue. So, IMHO, it
is best to add a configuration parameter to call/not call getgroups.
Anyway, I need "getgroups()" in spamc/{handle_user(),handle_user_with...()}
like:
$supplmental_groups = join(' ', getgroups());
$) = "$gid " . $supplemental_groups;
[...]
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4506] spamd needs to call initgroups
Posted by bu...@bugzilla.spamassassin.org.
http://bugzilla.spamassassin.org/show_bug.cgi?id=4506
tsekine@sdri.co.jp changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |tsekine@sdri.co.jp
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4506] spamd needs to call initgroups
Posted by bu...@bugzilla.spamassassin.org.
http://bugzilla.spamassassin.org/show_bug.cgi?id=4506
------- Additional Comments From jm@jmason.org 2005-07-27 19:08 -------
Created an attachment (id=3043)
--> (http://bugzilla.spamassassin.org/attachment.cgi?id=3043&action=view)
the initgroups portion of that sample implementation from bug 4161
moved from bug 4161, same as
http://bugzilla.spamassassin.org/attachment.cgi?id=3042
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4506] spamd needs to call initgroups
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4506
jm@jmason.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Target Milestone|Undefined |3.3.0
------- Additional Comments From jm@jmason.org 2007-07-11 02:55 -------
a poster on the users list has asked for this to be added; aiming at 3.3.0
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.