On Tue, 24 Oct 2006, Andreas Vögele wrote:
Should the _spamdaemon user be able to the write to the updated rules
directory?
The updated rules are put into a subdirectory by sa-update,
e.g. /var/db/spamassassin/3.001007.
The _spamdaemon user doesn't need write access to that directory, only
read access.
This is correct.
In the current setup sa-update must be run by root, which is a bad
idea anyway. We could add another user, e.g. _saupdate, that may be
used to call sa-update, and change the owner of /var/db/spamassassin
to that user.
Yes well... let's move slowly with this: we do not want to complicate
things if they're not worth it. First, let's integrate this first change,
then we'll see.
So, should we commit this?
--
Antoine
