Package: postfix-policyd-spf-perl Version: 2.005-2 Severity: normal Having a daemon or server process run as "nobody" is a bad idea because if more than one daemon or server does it then one compromised daemon could attack others.
Please make the postinst create an account named "postfix-policy" or similar. Also it would be good if the package included a script to enable and disable this. Something like /usr/sbin/config-postfix-policyd-spf-perl which has options "enable" and "disable" to change the postfix configuration files. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
