Security and another survey question (was Re: [Mimedefang] clamd is not responding?)
David F. Skoll
dfs at roaringpenguin.com
Tue Oct 29 19:51:02 EST 2002
On Tue, 29 Oct 2002, Dave Williss wrote:
> I like the idea of requiring it to run it as mailnull or some other user.
> As long as it's well documented where to change the user it's run as
> in the config file before building.
It's a run-time option: The "-U" flag.
> Perhaps mimedefang could check the permissions
> on its spool directory and report any problems as soon as it starts
It does this.
> Is there any security problem with having the multiplexor run _by_
> root but immediately switch to run _as_ some other, less powerful
> user?
That's the usual way of doing it.
Regards,
David.
More information about the MIMEDefang
mailing list