You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@spamassassin.apache.org by Enrik Berkhan <En...@akk.org> on 2005/01/27 16:12:50 UTC
--auth-ident like identification for PF_UNIX sockets
Hi,
setup summary:
spamc called from exim on a per-user-basis:
spamcheck:
driver = pipe
use_bsmtp = true
batch_max = 1
command = /usr/sbin/exim4 -oMr spam-scanned -bS
transport_filter = /usr/bin/spamc -u ${local_part} -U /var/run/spamd
user = Debian-exim
group = Debian-exim
...
spamd:
/usr/sbin/spamd --socketpath=/var/run/spamd ...
Of course, this is insecure, because any local user can call spamc on
another local user's behalf.
To solve this, I've implemented
1.) SO_PEERCRED authentication for PF_UNIX sockets (including unsolved
portability issue concerning "struct ucred" unpacking)
2.) a "trusted user" who may set any other user via the User: header if
identified correctly
Thus, Debian-exim (trusted user) can use "-u $local_part" even with
identification. Now the spamd command line becomes
/usr/sbin/spamd --socketpath=/var/run/spamd --auth-ident --trusted-user
Debian-exim ...
I'll include the spamd diff just in case someone finds it useful. Of
course, the --trusted-user option could be augmented to allow an array
of trusted users.
Cheers,
Enrik