-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Thomas Zehetbauer wrote:
| Although I know of no exploit at the moment I find it quite risky that | Fedora currently comes configured to | | 1) run spamd as root
Spamd can be configured to run as a different user and on FreeBSD at least -- I don't run SA on my Fedora box -- it defaults to running as user "nobody" if it is invoked as "root" with no "-u [name]" option.
Try "grep spamd /var/log/maillog" and see if your spamd is reverting to "nobody" when it runs.
- --
- -John (john@xxxxxxxxxxx) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFBdHhAjXa7jixmuZsRApxuAJ9V16hdbapJ/3r0zyvCMjUL5hygxACgs6ZH +eKcG6ZDC1LUFeHYj88E9ec= =k9Pe -----END PGP SIGNATURE-----
