Package: spamassassin
Version: 3.3.1-2
Severity: important

The cron script (/etc/cron.daily/spamassassin) runs sa-update as root. However, sa-update pulls spamassassin rules from the net (updates.spamassassin.org by default).

It seems to me that running sa-update as root is a really BAD idea. I do not want the root user on my system to be pulling data off of the net if it can be avoided. And it seems like it can in this case, since sa-update could be run by a non-privileged user.

I think that /etc/cron.daily/spamassassin should either be modified to run sa-update as a non-privileged user (presumably something like spamd). Either that or the sa-update portion itself should be run under the non-privileged user in /etc/cron.d/spamassassin.

Thanks.

jamie.

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (600, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-5-686 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages spamassassin depends on:
pn  libarchive-tar-perl          <none>        (no description available)
ii  libdigest-sha1-perl          2.13-1        NIST SHA-1 message digest algorith
ii  libhtml-parser-perl          3.68-1        collection of modules that parse H
ii  libnet-dns-perl              0.66-2        Perform DNS queries from a Perl sc
ii  libnetaddr-ip-perl           4.042+dfsg-1  IP address manipulation module
ii  libsocket6-perl              0.23-1        Perl extensions for IPv6
ii  libsys-hostname-long-perl    1.4-2         Figure out the long (fully-qualifi
ii  libwww-perl                  6.01-3        simple and consistent interface to
ii  perl                         5.10.1-19     Larry Wall's Practical Extraction
ii  perl-modules [libio-zlib-pe  5.10.1-19     Core Perl modules

Versions of packages spamassassin recommends:
ii  gcc                          4:4.5.2-2     The GNU C compiler
ii  gnupg                        1.4.11-3      GNU privacy guard - a free PGP rep
ii  libc6-dev                    2.11.2-11     Embedded GNU C Library: Developmen
ii  libio-socket-inet6-perl      2.65-1.1      Object interface for AF_INET6 doma
ii  libmail-spf-perl             2.007-1       Perl implementation of Sender Poli
ii  make                         3.81-8.1      An utility for Directing compilati
ii  perl [libsys-syslog-perl]    5.10.1-19     Larry Wall's Practical Extraction
ii  re2c                         0.13.5-1      tool for generating fast C-based r
ii  spamc                        3.3.1-2       Client for SpamAssassin spam filte

Versions of packages spamassassin suggests:
pn  libdbi-perl                  <none>        (no description available)
ii  libio-socket-ssl-perl        1.39-1        Perl module implementing object or
pn  libmail-dkim-perl            <none>        (no description available)
pn  libnet-ident-perl            <none>        (no description available)
ii  perl [libcompress-zlib-perl] 5.10.1-19     Larry Wall's Practical Extraction
pn  pyzor                        <none>        (no description available)
pn  razor                        <none>        (no description available)

-- no debconf information
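
One way to do what the report asks, as an added example that is not part of the original report and not the Debian package's own script: a cron-style wrapper that runs sa-update only as an unprivileged account. The account name `sa-update-user`, the state directory `/var/lib/spamassassin` and the `--run` switch are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not the Debian package's cron script.
SA_USER="${SA_USER:-sa-update-user}"           # hypothetical unprivileged account
SA_STATE="${SA_STATE:-/var/lib/spamassassin}"  # assumed sa-update state directory

# Decide how to start sa-update. Prints "su" (root drops to the target user),
# "direct" (already the target user) or "refuse" (anything else).
plan_invocation() {  # $1 = current uid, $2 = current user, $3 = target user
    if [ -z "$3" ] || [ "$3" = "root" ]; then echo refuse
    elif [ "$1" -eq 0 ]; then echo su
    elif [ "$2" = "$3" ]; then echo direct
    else echo refuse
    fi
}

# sa-update exits 0 when rules were installed, 1 when nothing was new,
# and higher when a lint, download or extraction step failed.
action_for_rc() {
    case "$1" in
        0) echo reload ;;
        1) echo none ;;
        *) echo error ;;
    esac
}

run_update() {
    # The rule directory must belong to the unprivileged account, or
    # sa-update cannot write there without root.
    owner=$(stat -c %U "$SA_STATE") || return 4
    if [ "$owner" != "$SA_USER" ]; then
        echo "refusing: $SA_STATE is owned by $owner, not $SA_USER" >&2
        return 4
    fi
    case "$(plan_invocation "$(id -u)" "$(id -un)" "$SA_USER")" in
        su)     su -s /bin/sh -c 'umask 022; exec sa-update' "$SA_USER" ;;
        direct) ( umask 022; exec sa-update ) ;;
        *)      echo "refusing: not root and not $SA_USER" >&2; return 4 ;;
    esac
}

# Touch the system only when called with --run (e.g. from the cron job).
if [ "${1:-}" = "--run" ]; then
    rc=0; run_update || rc=$?
    case "$(action_for_rc "$rc")" in
        reload) echo "rules updated; reload spamd to load them" ;;
        none)   : ;;
        error)  echo "sa-update failed with status $rc" >&2; exit "$rc" ;;
    esac
fi
```

The GPG home directory sa-update uses to verify updates must also be usable by the unprivileged account; sa-update's `--gpghomedir` option can point it at a directory that account owns.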