You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Justin Mason <jm...@jmason.org> on 2005/08/08 22:49:15 UTC
Re: [sa-list] Re: spamd children run as root (again)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
ah, good to hear -- although it would have been nice to have had that
noted on bug 3900, which was still listed as "awaiting confirmation"...
- --j.
Charles Sprickman writes:
> I've seen this problem as well, even in the latest "ports" version. Still
> runs as root. If I apply the attached patch (obtained from one of the
> bugzilla entries), it works properly. Running FBSD 4.11 w/perl 5.6.2
> (5.8.7 had the same problem, I backed out of 5.8 since it chewed up more
> memory than I was comfortable with).
>
> Charles
>
> On Mon, 8 Aug 2005, Dan Mahoney, System Admin wrote:
>
> > On Tue, 26 Apr 2005, Justin Mason wrote:
> >
> >>
> >> It's specifically a problem with perl on *BSD platforms -- there's
> >> a bug open about it, but it's stalled because we don't have any
> >> developers with BSD machines ;)
> >
> > Anyone want a test machine where this is occurring? Where it DIDN'T occur
> > before under 3.0.3? Contact me offlist.
> >
> > I've had a bugzilla report sitting in "NEW" status for over a month now, I
> > think. I flagged it as "security" because I a) thought maybe there was some
> > priority to that and b) actually believe it to be, but nobody has done
> > anything with it.
> >
> > http://bugzilla.spamassassin.org/show_bug.cgi?idD98
> >
> > -Dan
> >
> >>
> >> at least on some platforms (MacOS X) it appears perl's setuid
> >> support substantially does not work.
> >>
> >> --j.
> >>
> >> Brandon Kuczenski writes:
> >>> I've seen this question posted a couple times in the mailing list archives
> >>> (from October 2004) but no resolution. The question again:
> >>>
> >>> I'm running SpamAssassin 3.0.2 on FreeBSD 4.10 in spamc/spamd format with
> >>> the '-u spamd' flag. Problem is, all the child processes are running as
> >>> root:
> >>>
> >>> $ ps aux | grep spam
> >>> root 333 0.0 10.1 27636 25932 ?? I 11Apr05 1:03.83 spamd
> >>> child (perl)
> >>> root 332 0.0 10.5 29020 27032 ?? I 11Apr05 1:07.96 spamd
> >>> child (perl)
> >>> root 331 0.0 9.7 26544 24852 ?? I 11Apr05 0:52.68 spamd
> >>> child (perl)
> >>> root 330 0.0 9.9 27152 25524 ?? I 11Apr05 1:04.40 spamd
> >>> child (perl)
> >>> root 329 0.0 9.8 26864 25116 ?? I 11Apr05 0:58.08 spamd
> >>> child (perl)
> >>> spamd 294 0.0 7.1 22392 18220 ?? Is 11Apr05 0:01.61
> >>> /usr/local/bin/spamd -d -c -u spamd -H /home/spamd -r /var/run/spamd.pid
> >>> (perl)
> >>> $
> >>>
> >>> Is this intended or is it a bug? The two threads I've seen that pertain
> >>> to it (both dating from Oct04) are left unresolved:
> >>> http://thread.gmane.org/gmane.mail.spam.spamassassin.general/57900
> >>> http://thread.gmane.org/gmane.mail.spam.spamassassin.general/58087
> >>>
> >>> The practical consequence of this (aside from the unorthodoxy -- undesired
> >>> processes owned by root) is that the permissions of my
> >>> ~user/.spamassassin/bayes_journal file get changed to root:spamd 0660.
> >>> I wanted them to be spamd:user 0660, so that the user can run
> >>> sa-learn without asking for root's help. Is that not the 'right way' to
> >>> do things?
> >>>
> >>> Has there been a resolution to this question? If not, .. doesn't
> >>> everybody have this problem? Or is it not a problem? If not, why not?
> >>>
> >>> -Brandon
> >> ------------ Output from gpg ------------
> >> gpg: WARNING: using insecure memory!
> >> gpg: please see http://www.gnupg.org/faq.html for more information
> >> gpg: Signature made Tue Apr 26 19:09:08 2005 EDT using DSA key ID 298BC7D0
> >> gpg: Good signature from "Justin Mason <jm...@jmason.org>"
> >> gpg: WARNING: This key is not certified with a trusted signature!
> >> gpg: There is no indication that the signature belongs to the
> >> owner.
> >> Primary key fingerprint: 1368 71CE 3627 9CD3 FA1B 0B63 3091 7972 298B C7D0
> >>
> >>
> >
> > --
> >
> > "Don't try to out-wierd me. I get stranger things than you free with my
> > breakfast cereal."
> >
> > -Button seen at I-CON XVII (and subsequently purchased)
> >
> > --------Dan Mahoney--------
> > Techie, Sysadmin, WebGeek
> > Gushi on efnet/undernet IRC
> > ICQ: 13735144 AIM: LarpGM
> > Site: http://www.gushi.org
> > ---------------------------
> >
> >
> --0-343817720-1123532392=:14641
> Content-Type: TEXT/PLAIN; charset=US-ASCII; name="spamd-euid.patch"
> Content-Transfer-Encoding: BASE64
> Content-ID: <Pi...@gee5.nat.fasttrackmonkey.com>
> Content-Description:
> Content-Disposition: attachment; filename="spamd-euid.patch"
>
> LS0tIHNwYW1kLm9sZAlXZWQgT2N0IDEzIDE2OjQ5OjU4IDIwMDQNCisrKyBz
> cGFtZAlUaHUgT2N0IDE0IDIwOjE1OjUzIDIwMDQNCkBAIC03MDAsNiArNzAw
> LDE1IEBADQogICAjIENoYW5nZSBVSUQNCiAgICQ+ID0gJHV1aWQ7ICAgICAg
> ICAgICAgIyBlZmZlY3RpdmUgdWlkDQogICAkPCA9ICR1dWlkOyAgICAgICAg
> ICAgICMgcmVhbCB1aWQuIHdlIG5vdyBjYW5ub3Qgc2V0dWlkIGFueW1vcmUN
> CisNCisgIGlmICggJDwgIT0gJHV1aWQgKSB7DQorICAgIHdhcm4oImluaXRp
> YWwgYXR0ZW1wdCB0byBjaGFuZ2UgcmVhbCB1aWQgZmFpbGVkLCB0cnlpbmcg
> QlNEIHdvcmthcm91bmQiKSBpZiAkb3B0eydkZWJ1Zyd9Ow0KKw0KKyAgICAk
> PiA9ICQ8OwkJCSMgcmV2ZXJ0IGV1aWQgdG8gcnVpZA0KKyAgICAkPCA9ICR1
> dWlkOwkJCSMgY2hhbmdlIHJ1aWQgdG8gdGFyZ2V0DQorICAgICQ+ID0gJHV1
> aWQ7CQkJIyBjaGFuZ2UgZXVpZCBiYWNrIHRvIHRhcmdldA0KKyAgfQ0KKw0K
> ICAgaWYgKCAkPiAhPSAkdXVpZCBhbmQgJD4gIT0gKCAkdXVpZCAtIDIqKjMy
> ICkgKSB7DQogICAgIGRpZSAiZmF0YWw6IHNldHVpZCB0byB1aWQgJHV1aWQg
> ZmFpbGVkXG4iOw0KICAgfQ0K
>
> --0-343817720-1123532392=:14641--
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Exmh CVS
iD8DBQFC98VLMJF5cimLx9ARAinPAJ4liaAFAHjBS9grfkXYNLhvhUzJKwCgqWFd
wA0I06Ox514Q27ttExFG4WM=
=Amth
-----END PGP SIGNATURE-----
RE: [sa-list] Re: spamd children run as root (again)
Posted by Sander Holthaus - Orange XL <in...@orangexl.com>.
I've been running spamc and spamd (3.0.4) on FreeBSD 4.10 with Perl 5.8.5
for quite a while, but using the -u vmail flag doesn't cause any problems.
vmail 15329 0.0 2.9 59052 30300 ?? INsJ 5:55AM 0:03.05
/usr/local/bin/spamd -x -d -m 2 -r /var/run/spamd/spamd.pid -u vmail
--socketpath=/tmp/spamd.sock -H /usr/local/mail/.spamassassin
vmail 15355 0.0 5.9 64984 61072 ?? INJ 5:55AM 1:39.07 spamd child
(perl5.8.5)
vmail 15356 0.0 6.0 67352 63096 ?? INJ 5:55AM 0:24.58 spamd child
(perl5.8.5)
However, it does behave odd when using sa-learn. Sometimes (but only
sometimes), it will change the owner of one of the bayes_ files or
bayes.mutex to root. :-?
Sander Holthaus
Dan Mahoney, System Admin wrote:
> On Tue, 9 Aug 2005, Craig McLean wrote:
>
> I applied the patch, and it fixed things on my end. I noted
> in my PR that it was also odd to me that before, the children
> showed in ps as "perl" and afterwards as "perl5.8.6" or something
> very similar.
>
>> FWIW I *don't* see this issue on FBSD 5.2.1 running SA 3.0.4 with
>> perl
>> 5.6.1
>>
>> Craig.
>>
>> Justin Mason wrote:
>>>
>>> ah, good to hear -- although it would have been nice to
> have had that
>> noted on bug 3900, which was still listed as "awaiting
>> confirmation"...
>>>
>>> --j.
>>>
>>> Charles Sprickman writes:
>>>
>>>>> I've seen this problem as well, even in the latest "ports"
>>>>> version. Still runs as root. If I apply the attached patch
>>>>> (obtained from one of the
>> bugzilla entries), it works properly. Running FBSD 4.11 w/perl 5.6.2
>> (5.8.7 had the same problem, I backed out of 5.8 since it chewed up
>> more
>>>>> memory than I was comfortable with).
>>>>> Charles
>>>>> On Mon, 8 Aug 2005, Dan Mahoney, System Admin wrote:
>>>>>> On Tue, 26 Apr 2005, Justin Mason wrote:
>>>>>>> It's specifically a problem with perl on *BSD platforms --
>>>>>>> there's a
>> bug open about it, but it's stalled because we don't have any
>> developers with BSD machines ;)
>>>>>> Anyone want a test machine where this is occurring? Where it
>>>>>> DIDN'T
>> occur
>>>>>> before under 3.0.3? Contact me offlist.
>>>>>> I've had a bugzilla report sitting in "NEW" status for over a
>>>>>> month
>> now, I
>>>>>> think. I flagged it as "security" because I a) thought maybe
>>>>>> there
>> was some
>>>>>> priority to that and b) actually believe it to be, but nobody has
>>>>>> done
>>
>>>>>> anything with it.
>>>>>> http://bugzilla.spamassassin.org/show_bug.cgi?idD98
>>>>>> -Dan
>>>>>>> at least on some platforms (MacOS X) it appears perl's setuid
>>>>>>> support
>> substantially does not work.
>>>>>>> --j.
>>>>>>> Brandon Kuczenski writes:
>>>>>>>> I've seen this question posted a couple times in the mailing
>>>>>>>> list
>> archives
>>>>>>>> (from October 2004) but no resolution. The question again:
>>>>>>>> I'm running SpamAssassin 3.0.2 on FreeBSD 4.10 in spamc/spamd
>>>>>>>> format
>> with
>>>>>>>> the '-u spamd' flag. Problem is, all the child processes are
>>>>>>>> running as root: $ ps aux | grep spam
>>>>>>>> root 333 0.0 10.1 27636 25932 ?? I 11Apr05
>>>>>>>> 1:03.83 spamd child (perl) root 332 0.0 10.5 29020 27032
>>>>>>>> ?? I 11Apr05 1:07.96 spamd child (perl) root 331
>>>>>>>> 0.0 9.7 26544 24852 ?? I 11Apr05 0:52.68 spamd child
>>>>>>>> (perl) root 330 0.0 9.9 27152 25524 ?? I 11Apr05
>>>>>>>> 1:04.40 spamd child (perl) root 329 0.0 9.8 26864 25116
>>>>>>>> ?? I 11Apr05 0:58.08 spamd child (perl) spamd 294
>>>>>>>> 0.0 7.1 22392 18220 ?? Is 11Apr05
> 0:01.61
>> /usr/local/bin/spamd -d -c -u spamd -H /home/spamd -r
>> /var/run/spamd.pid
>>>>>>>> (perl)
>>>>>>>> $
>>>>>>>> Is this intended or is it a bug? The two threads I've seen
>>>>>>>> that pertain to it (both dating from Oct04) are left
>>>>>>>> unresolved:
>>>>>>>>
> http://thread.gmane.org/gmane.mail.spam.spamassassin.general/579
>>>>>>>> 00
>> http://thread.gmane.org/gmane.mail.spam.spamassassin.general/58087
>> The practical consequence of this (aside from the unorthodoxy --
>> undesired
>>>>>>>> processes owned by root) is that the permissions of my
>>>>>>>> ~user/.spamassassin/bayes_journal file get changed to
>>>>>>>> root:spamd 0660. I wanted them to be spamd:user 0660, so that
>>>>>>>> the user can run
>> sa-learn without asking for root's help. Is that not the 'right way'
>> to
>>>>>>>> do things?
>>>>>>>> Has there been a resolution to this question? If not, ..
>>>>>>>> doesn't
>> everybody have this problem? Or is it not a problem? If not, why
>> not?
>>>>>>>> -Brandon
>>>>>>> ------------ Output from gpg ------------
>> 298BC7D0
>> gpg: There is no indication that the signature belongs to
>> the
>>>>>>> owner.
>> 298B C7D0
>>>>>> --
>>>>>> "Don't try to out-wierd me. I get stranger things than you free
>>>>>> with
>> my
>>>>>> breakfast cereal."
>>>>>> -Button seen at I-CON XVII (and subsequently purchased)
>>>>>> --------Dan Mahoney-------- Techie, Sysadmin, WebGeek Gushi on
>>>>>> efnet/undernet IRC ICQ: 13735144 AIM: LarpGM
>>>>>> Site: http://www.gushi.org
>>>>>> ---------------------------
>>>>> --0-343817720-1123532392=:14641
>>>>> Content-Type: TEXT/PLAIN; charset=US-ASCII;
>>>>> name="spamd-euid.patch" Content-Transfer-Encoding: BASE64
>>>>> Content-ID:
>> <Pi...@gee5.nat.fasttrackmonkey.com>
>>>>> Content-Description:
>>>>> Content-Disposition: attachment; filename="spamd-euid.patch"
>>>>> LS0tIHNwYW1kLm9sZAlXZWQgT2N0IDEzIDE2OjQ5OjU4IDIwMDQNCisrKyBz
>>>>> cGFtZAlUaHUgT2N0IDE0IDIwOjE1OjUzIDIwMDQNCkBAIC03MDAsNiArNzAw
>>>>> LDE1IEBADQogICAjIENoYW5nZSBVSUQNCiAgICQ+ID0gJHV1aWQ7ICAgICAg
>>>>> ICAgICAgIyBlZmZlY3RpdmUgdWlkDQogICAkPCA9ICR1dWlkOyAgICAgICAg
>>>>> ICAgICMgcmVhbCB1aWQuIHdlIG5vdyBjYW5ub3Qgc2V0dWlkIGFueW1vcmUN
>>>>> CisNCisgIGlmICggJDwgIT0gJHV1aWQgKSB7DQorICAgIHdhcm4oImluaXRp
>>>>> YWwgYXR0ZW1wdCB0byBjaGFuZ2UgcmVhbCB1aWQgZmFpbGVkLCB0cnlpbmcg
>>>>> QlNEIHdvcmthcm91bmQiKSBpZiAkb3B0eydkZWJ1Zyd9Ow0KKw0KKyAgICAk
>>>>> PiA9ICQ8OwkJCSMgcmV2ZXJ0IGV1aWQgdG8gcnVpZA0KKyAgICAkPCA9ICR1
>>>>> dWlkOwkJCSMgY2hhbmdlIHJ1aWQgdG8gdGFyZ2V0DQorICAgICQ+ID0gJHV1
>>>>> aWQ7CQkJIyBjaGFuZ2UgZXVpZCBiYWNrIHRvIHRhcmdldA0KKyAgfQ0KKw0K
>>>>> ICAgaWYgKCAkPiAhPSAkdXVpZCBhbmQgJD4gIT0gKCAkdXVpZCAtIDIqKjMy
>>>>> ICkgKSB7DQogICAgIGRpZSAiZmF0YWw6IHNldHVpZCB0byB1aWQgJHV1aWQg
>>>>> ZmFpbGVkXG4iOw0KICAgfQ0K --0-343817720-1123532392=:14641--
>>>
>>
>>
>>
>>
>>
>>
>> ------------ Output from gpg ------------
>> gpg: WARNING: using insecure memory!
>> gpg: please see http://www.gnupg.org/faq.html for more information
>> gpg: Signature made Tue Aug 9 09:02:12 2005 EDT using DSA key ID
>> 2D95C09E gpg: BAD signature from "Craig McLean (Local Address)
>> <cr...@craig.dnsalias.com>"
Re: [sa-list] Re: spamd children run as root (again)
Posted by "Dan Mahoney, System Admin" <da...@prime.gushi.org>.
On Tue, 9 Aug 2005, Craig McLean wrote:
I applied the patch, and it fixed things on my end. I noted in my PR that
it was also odd to me that before, the children showed in ps as "perl" and
afterwards as "perl5.8.6" or something very similar.
> FWIW I *don't* see this issue on FBSD 5.2.1 running SA 3.0.4 with perl 5.6.1
>
> Craig.
>
> Justin Mason wrote:
>>
>> ah, good to hear -- although it would have been nice to have had that
> noted on bug 3900, which was still listed as "awaiting confirmation"...
>>
>> --j.
>>
>> Charles Sprickman writes:
>>
>>>> I've seen this problem as well, even in the latest "ports" version.
> Still
>>>> runs as root. If I apply the attached patch (obtained from one of the
> bugzilla entries), it works properly. Running FBSD 4.11 w/perl 5.6.2
> (5.8.7 had the same problem, I backed out of 5.8 since it chewed up
> more
>>>> memory than I was comfortable with).
>>>> Charles
>>>> On Mon, 8 Aug 2005, Dan Mahoney, System Admin wrote:
>>>>> On Tue, 26 Apr 2005, Justin Mason wrote:
>>>>>> It's specifically a problem with perl on *BSD platforms -- there's a
> bug open about it, but it's stalled because we don't have any
> developers with BSD machines ;)
>>>>> Anyone want a test machine where this is occurring? Where it DIDN'T
> occur
>>>>> before under 3.0.3? Contact me offlist.
>>>>> I've had a bugzilla report sitting in "NEW" status for over a month
> now, I
>>>>> think. I flagged it as "security" because I a) thought maybe there
> was some
>>>>> priority to that and b) actually believe it to be, but nobody has done
>
>>>>> anything with it.
>>>>> http://bugzilla.spamassassin.org/show_bug.cgi?idD98
>>>>> -Dan
>>>>>> at least on some platforms (MacOS X) it appears perl's setuid support
> substantially does not work.
>>>>>> --j.
>>>>>> Brandon Kuczenski writes:
>>>>>>> I've seen this question posted a couple times in the mailing list
> archives
>>>>>>> (from October 2004) but no resolution. The question again:
>>>>>>> I'm running SpamAssassin 3.0.2 on FreeBSD 4.10 in spamc/spamd format
> with
>>>>>>> the '-u spamd' flag. Problem is, all the child processes are
> running as
>>>>>>> root:
>>>>>>> $ ps aux | grep spam
>>>>>>> root 333 0.0 10.1 27636 25932 ?? I 11Apr05 1:03.83
> spamd
>>>>>>> child (perl)
>>>>>>> root 332 0.0 10.5 29020 27032 ?? I 11Apr05 1:07.96
> spamd
>>>>>>> child (perl)
>>>>>>> root 331 0.0 9.7 26544 24852 ?? I 11Apr05 0:52.68
> spamd
>>>>>>> child (perl)
>>>>>>> root 330 0.0 9.9 27152 25524 ?? I 11Apr05 1:04.40
> spamd
>>>>>>> child (perl)
>>>>>>> root 329 0.0 9.8 26864 25116 ?? I 11Apr05 0:58.08
> spamd
>>>>>>> child (perl)
>>>>>>> spamd 294 0.0 7.1 22392 18220 ?? Is 11Apr05 0:01.61
> /usr/local/bin/spamd -d -c -u spamd -H /home/spamd -r
> /var/run/spamd.pid
>>>>>>> (perl)
>>>>>>> $
>>>>>>> Is this intended or is it a bug? The two threads I've seen that
> pertain
>>>>>>> to it (both dating from Oct04) are left unresolved:
>>>>>>> http://thread.gmane.org/gmane.mail.spam.spamassassin.general/57900
> http://thread.gmane.org/gmane.mail.spam.spamassassin.general/58087
> The practical consequence of this (aside from the unorthodoxy --
> undesired
>>>>>>> processes owned by root) is that the permissions of my
>>>>>>> ~user/.spamassassin/bayes_journal file get changed to root:spamd
> 0660.
>>>>>>> I wanted them to be spamd:user 0660, so that the user can run
> sa-learn without asking for root's help. Is that not the 'right
> way' to
>>>>>>> do things?
>>>>>>> Has there been a resolution to this question? If not, .. doesn't
> everybody have this problem? Or is it not a problem? If not, why
> not?
>>>>>>> -Brandon
>>>>>> ------------ Output from gpg ------------
> 298BC7D0
> gpg: There is no indication that the signature belongs to
> the
>>>>>> owner.
> 298B C7D0
>>>>> --
>>>>> "Don't try to out-wierd me. I get stranger things than you free with
> my
>>>>> breakfast cereal."
>>>>> -Button seen at I-CON XVII (and subsequently purchased)
>>>>> --------Dan Mahoney--------
>>>>> Techie, Sysadmin, WebGeek
>>>>> Gushi on efnet/undernet IRC
>>>>> ICQ: 13735144 AIM: LarpGM
>>>>> Site: http://www.gushi.org
>>>>> ---------------------------
>>>> --0-343817720-1123532392=:14641
>>>> Content-Type: TEXT/PLAIN; charset=US-ASCII; name="spamd-euid.patch"
> Content-Transfer-Encoding: BASE64
>>>> Content-ID:
> <Pi...@gee5.nat.fasttrackmonkey.com>
>>>> Content-Description:
>>>> Content-Disposition: attachment; filename="spamd-euid.patch"
>>>> LS0tIHNwYW1kLm9sZAlXZWQgT2N0IDEzIDE2OjQ5OjU4IDIwMDQNCisrKyBz
>>>> cGFtZAlUaHUgT2N0IDE0IDIwOjE1OjUzIDIwMDQNCkBAIC03MDAsNiArNzAw
>>>> LDE1IEBADQogICAjIENoYW5nZSBVSUQNCiAgICQ+ID0gJHV1aWQ7ICAgICAg
>>>> ICAgICAgIyBlZmZlY3RpdmUgdWlkDQogICAkPCA9ICR1dWlkOyAgICAgICAg
>>>> ICAgICMgcmVhbCB1aWQuIHdlIG5vdyBjYW5ub3Qgc2V0dWlkIGFueW1vcmUN
>>>> CisNCisgIGlmICggJDwgIT0gJHV1aWQgKSB7DQorICAgIHdhcm4oImluaXRp
>>>> YWwgYXR0ZW1wdCB0byBjaGFuZ2UgcmVhbCB1aWQgZmFpbGVkLCB0cnlpbmcg
>>>> QlNEIHdvcmthcm91bmQiKSBpZiAkb3B0eydkZWJ1Zyd9Ow0KKw0KKyAgICAk
>>>> PiA9ICQ8OwkJCSMgcmV2ZXJ0IGV1aWQgdG8gcnVpZA0KKyAgICAkPCA9ICR1
>>>> dWlkOwkJCSMgY2hhbmdlIHJ1aWQgdG8gdGFyZ2V0DQorICAgICQ+ID0gJHV1
>>>> aWQ7CQkJIyBjaGFuZ2UgZXVpZCBiYWNrIHRvIHRhcmdldA0KKyAgfQ0KKw0K
>>>> ICAgaWYgKCAkPiAhPSAkdXVpZCBhbmQgJD4gIT0gKCAkdXVpZCAtIDIqKjMy
>>>> ICkgKSB7DQogICAgIGRpZSAiZmF0YWw6IHNldHVpZCB0byB1aWQgJHV1aWQg
>>>> ZmFpbGVkXG4iOw0KICAgfQ0K
>>>> --0-343817720-1123532392=:14641--
>>
>
>
>
>
>
>
> ------------ Output from gpg ------------
> gpg: WARNING: using insecure memory!
> gpg: please see http://www.gnupg.org/faq.html for more information
> gpg: Signature made Tue Aug 9 09:02:12 2005 EDT using DSA key ID 2D95C09E
> gpg: BAD signature from "Craig McLean (Local Address) <cr...@craig.dnsalias.com>"
>
>
--
"She's been getting attacked by these leeches, they're leaving these marks
all over her neck. You gotta keep her out of those woods. If one more
leech gets her, she's gonna get a smack."
-Someone's Mother, December 18th, 1998
--------Dan Mahoney--------
Techie, Sysadmin, WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144 AIM: LarpGM
Site: http://www.gushi.org
---------------------------
Re: [sa-list] Re: spamd children run as root (again)
Posted by Craig McLean <cr...@craig.dnsalias.com>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
FWIW I *don't* see this issue on FBSD 5.2.1 running SA 3.0.4 with perl 5.6.1
Craig.
Justin Mason wrote:
>
> ah, good to hear -- although it would have been nice to have had that
noted on bug 3900, which was still listed as "awaiting confirmation"...
>
> --j.
>
> Charles Sprickman writes:
>
>>>I've seen this problem as well, even in the latest "ports" version.
Still
>>>runs as root. If I apply the attached patch (obtained from one of the
bugzilla entries), it works properly. Running FBSD 4.11 w/perl 5.6.2
(5.8.7 had the same problem, I backed out of 5.8 since it chewed up
more
>>>memory than I was comfortable with).
>>>Charles
>>>On Mon, 8 Aug 2005, Dan Mahoney, System Admin wrote:
>>>>On Tue, 26 Apr 2005, Justin Mason wrote:
>>>>>It's specifically a problem with perl on *BSD platforms -- there's a
bug open about it, but it's stalled because we don't have any
developers with BSD machines ;)
>>>>Anyone want a test machine where this is occurring? Where it DIDN'T
occur
>>>>before under 3.0.3? Contact me offlist.
>>>>I've had a bugzilla report sitting in "NEW" status for over a month
now, I
>>>>think. I flagged it as "security" because I a) thought maybe there
was some
>>>>priority to that and b) actually believe it to be, but nobody has done
>>>>anything with it.
>>>>http://bugzilla.spamassassin.org/show_bug.cgi?idD98
>>>>-Dan
>>>>>at least on some platforms (MacOS X) it appears perl's setuid support
substantially does not work.
>>>>>--j.
>>>>>Brandon Kuczenski writes:
>>>>>>I've seen this question posted a couple times in the mailing list
archives
>>>>>>(from October 2004) but no resolution. The question again:
>>>>>>I'm running SpamAssassin 3.0.2 on FreeBSD 4.10 in spamc/spamd format
with
>>>>>>the '-u spamd' flag. Problem is, all the child processes are
running as
>>>>>>root:
>>>>>>$ ps aux | grep spam
>>>>>>root 333 0.0 10.1 27636 25932 ?? I 11Apr05 1:03.83
spamd
>>>>>>child (perl)
>>>>>>root 332 0.0 10.5 29020 27032 ?? I 11Apr05 1:07.96
spamd
>>>>>>child (perl)
>>>>>>root 331 0.0 9.7 26544 24852 ?? I 11Apr05 0:52.68
spamd
>>>>>>child (perl)
>>>>>>root 330 0.0 9.9 27152 25524 ?? I 11Apr05 1:04.40
spamd
>>>>>>child (perl)
>>>>>>root 329 0.0 9.8 26864 25116 ?? I 11Apr05 0:58.08
spamd
>>>>>>child (perl)
>>>>>>spamd 294 0.0 7.1 22392 18220 ?? Is 11Apr05 0:01.61
/usr/local/bin/spamd -d -c -u spamd -H /home/spamd -r
/var/run/spamd.pid
>>>>>>(perl)
>>>>>>$
>>>>>>Is this intended or is it a bug? The two threads I've seen that
pertain
>>>>>>to it (both dating from Oct04) are left unresolved:
>>>>>>http://thread.gmane.org/gmane.mail.spam.spamassassin.general/57900
http://thread.gmane.org/gmane.mail.spam.spamassassin.general/58087
The practical consequence of this (aside from the unorthodoxy --
undesired
>>>>>>processes owned by root) is that the permissions of my
>>>>>>~user/.spamassassin/bayes_journal file get changed to root:spamd
0660.
>>>>>>I wanted them to be spamd:user 0660, so that the user can run
sa-learn without asking for root's help. Is that not the 'right
way' to
>>>>>>do things?
>>>>>>Has there been a resolution to this question? If not, .. doesn't
everybody have this problem? Or is it not a problem? If not, why
not?
>>>>>>-Brandon
>>>>>------------ Output from gpg ------------
298BC7D0
gpg: There is no indication that the signature belongs to
the
>>>>>owner.
298B C7D0
>>>>--
>>>>"Don't try to out-wierd me. I get stranger things than you free with
my
>>>>breakfast cereal."
>>>>-Button seen at I-CON XVII (and subsequently purchased)
>>>>--------Dan Mahoney--------
>>>>Techie, Sysadmin, WebGeek
>>>>Gushi on efnet/undernet IRC
>>>>ICQ: 13735144 AIM: LarpGM
>>>>Site: http://www.gushi.org
>>>>---------------------------
>>>--0-343817720-1123532392=:14641
>>>Content-Type: TEXT/PLAIN; charset=US-ASCII; name="spamd-euid.patch"
Content-Transfer-Encoding: BASE64
>>>Content-ID:
<Pi...@gee5.nat.fasttrackmonkey.com>
>>>Content-Description:
>>>Content-Disposition: attachment; filename="spamd-euid.patch"
>>>LS0tIHNwYW1kLm9sZAlXZWQgT2N0IDEzIDE2OjQ5OjU4IDIwMDQNCisrKyBz
>>>cGFtZAlUaHUgT2N0IDE0IDIwOjE1OjUzIDIwMDQNCkBAIC03MDAsNiArNzAw
>>>LDE1IEBADQogICAjIENoYW5nZSBVSUQNCiAgICQ+ID0gJHV1aWQ7ICAgICAg
>>>ICAgICAgIyBlZmZlY3RpdmUgdWlkDQogICAkPCA9ICR1dWlkOyAgICAgICAg
>>>ICAgICMgcmVhbCB1aWQuIHdlIG5vdyBjYW5ub3Qgc2V0dWlkIGFueW1vcmUN
>>>CisNCisgIGlmICggJDwgIT0gJHV1aWQgKSB7DQorICAgIHdhcm4oImluaXRp
>>>YWwgYXR0ZW1wdCB0byBjaGFuZ2UgcmVhbCB1aWQgZmFpbGVkLCB0cnlpbmcg
>>>QlNEIHdvcmthcm91bmQiKSBpZiAkb3B0eydkZWJ1Zyd9Ow0KKw0KKyAgICAk
>>>PiA9ICQ8OwkJCSMgcmV2ZXJ0IGV1aWQgdG8gcnVpZA0KKyAgICAkPCA9ICR1
>>>dWlkOwkJCSMgY2hhbmdlIHJ1aWQgdG8gdGFyZ2V0DQorICAgICQ+ID0gJHV1
>>>aWQ7CQkJIyBjaGFuZ2UgZXVpZCBiYWNrIHRvIHRhcmdldA0KKyAgfQ0KKw0K
>>>ICAgaWYgKCAkPiAhPSAkdXVpZCBhbmQgJD4gIT0gKCAkdXVpZCAtIDIqKjMy
>>>ICkgKSB7DQogICAgIGRpZSAiZmF0YWw6IHNldHVpZCB0byB1aWQgJHV1aWQg
>>>ZmFpbGVkXG4iOw0KICAgfQ0K
>>>--0-343817720-1123532392=:14641--
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (FreeBSD)
iD8DBQFC+KlUMDDagS2VwJ4RAsYyAKCGZ3LGHHhuJOIXNdu43Hh6h07f0ACcDfjy
EUJ3FDtN4kcbCy0hLeciYwc=
=S3k6
-----END PGP SIGNATURE-----