spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tóth Attila <at...@atoth.sote.hu>
Subject spamassassin /etc/shadow access
Date Wed, 10 Feb 2010 06:11:57 GMT
Sorry for bringing up this topic again. It was previously discussed in 2006:
http://markmail.org/message/76w27on2gf44262g

I still don't see an established reason why spamassassin should tamper
with shadow. From 2006: "Doesn't do anything other to see if their is a
matching entry in both /etc/passwd and /etc/shadow and it checks to see if
the user is still able to log in."
For a matching entry /etc/passwd is enough. And what if the user cannot
login?
Even sa-learn tries to read shadow. If I'm running it, I'm running it.
Aren't I?

Would it be possible to disable shadow checks using an option? I don't
like programs running UID 0 being able to read /etc/shadow. Only if it's
reasonable.

I just want to shorten my RBAC denial logs - by getting rid of unnecessary
system activities.

Regards,
Dw.
-- 
dr Tóth Attila, Radiológus, 06-20-825-8057, 06-30-5962-962
Attila Toth MD, Radiologist, +36-20-825-8057, +36-30-5962-962


Mime
View raw message