© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
73416ba
(Get the code!)
This user switching is for reading per-user configurations only and I think can be mitigated by making the per-user config world readable.
Furthermore from the README.spamd.gz you've mentioned "If a fault is found in spamd or spamassassin code, any third party linked-libraries or imported perl modules there is the potential for abuse of both the running uid of spamd, and the uid of the username supplied by spamc (and this could be any user)."
I'm not sure how many LOC but there is quite a slew of extra code with all the plugins that ship with SA. I question if all this code is maintained with the same attention and security awareness as other parts of the mail stack. I know all other parts are not executed as root. Of course statistics wouldn't have hurt ;-).