spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrzej Adam Filip <>
Subject Re: Securing spamd [single (non root) OS user]
Date Fri, 08 Jul 2011 17:00:50 GMT
Kārlis Repsons <> wrote:
> All,
> I'd like you to review approximately how I'm running spamd. My concern
> is security. You can see that the child processes are run by spamd user,
> but the main process is still run by root:
> ps -C spamd -o user,cmd
> USER     CMD
> root     /usr/sbin/spamd -d -r /var/run/ -m 2 -u spamd --nouser-config --helper-home-dir=/sysram/spamassassin
> spamd    spamd child
> spamd    spamd child
> How secure is that (no I didn't make any crazed chroots or so) and what
> would you suggest to isolate spamd from possible outside intrusions?
> Thanks...

Do you need spamd changing OS user ids? (e.g. to access ~/.spamassassin/ )

I have used "personal" [single (non root) OS user] spamd without any problems.

[pl>en: Andrew] Andrzej Adam Filip :
I have made this letter longer than usual because I lack the time to
make it shorter.
  -- Blaise Pascal

View raw message