Hi,

Ever since I introduced pledge(2) on spamd(8) the chroot'ed process, if running
in default, cannot get anywhere near the filesystem since its only promises are
"stdio inet". Furthermore, in blacklist mode this same codepath is not
chroot'ed but once again it gets the same pledge(2).

That being said then in my opinion I think that the BUGS section should be
removed from the manpage, because even if the processes are running with the
same user the concern here doesn't apply anymore.

Comments? OK?

Index: spamd.8
===================================================================
RCS file: /cvs/src/libexec/spamd/spamd.8,v
retrieving revision 1.134
diff -u -p -u -r1.134 spamd.8
--- spamd.8     2 Apr 2017 18:14:34 -0000       1.134
+++ spamd.8     24 Jul 2019 14:47:03 -0000
@@ -607,17 +607,3 @@ The
 .Nm
 command first appeared in
 .Ox 3.3 .
-.Sh BUGS
-.Nm
-currently uses the user
-.Dq _spamd
-outside a chroot jail when running in default mode, and requires
-the greylisting database in
-.Pa /var/db/spamd
-to be owned by the
-.Dq _spamd
-user.
-This is wrong and should change to a distinct user from the
-one used by the chrooted
-.Nm
-process.
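Review bot: The removed lines ending in ".Pa /var/db/spamd ... to be owned by the .Dq _spamd user." carry an operational requirement on the greylisting database, not only the complaint about the shared user, and deleting the whole BUGS section drops that requirement from the page. If the ownership requirement still holds, keep that sentence, for example by moving it to wherever the page already describes /var/db/spamd, and remove only the "This is wrong and should change to a distinct user" part. It would also help to state in the commit message that the rationale is the "stdio inet" pledge(2) on that process in both default and blacklist mode, so that a later change to the promises prompts a second look at whether the shared-user concern returns.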
