Ubuntu
razor package

spamd creates file in /

Bug #126939 reported by Nikolaus Rath
6
Affects Status Importance Assigned to Milestone
razor (Ubuntu)
Fix Released
Medium
François Marier
spamassassin (Debian)
Fix Released
Unknown

Bug Description

Binary package hint: spamassassin

When used with razor2, spamd creates the file /razor-agent.log.

In the manpage of Mail::SpamAssassin::Plugin::Razor2 I couldn't find any option to change this location.

Apart from that I really wonder why the file can be created (as root.root) in / at all. I am starting spamd with -u spamd so I expect spamd not to start any auxiliary programs as root.

Siegfried Gevatter (rainct)
Changed in spamassassin:
importance: Undecided → Low
Revision history for this message
Andreas Simon (andreas-w-simon) wrote :

The same here with versions
spamassassin 3.2.2-0ubuntu1
razor 2.810-2

Changed in spamassassin:
status: New → Confirmed
Bug Watch Updater (bug-watch-updater)
Changed in spamassassin:
status: Unknown → Incomplete
Revision history for this message
Scott Kitterman (kitterman) wrote :

It looks to me like this is pretty clearly a razor bug. The log file is created by razor, not spamassassin.

As a work around, enabling syslog logging would probably avoid this.

The problem appears to be in lib/Razor2/Client/Config.pm around lines 99 - 105, but I lack the Perl to know for sure or to fix it.

Changed in spamassassin:
importance: Low → Medium
status: Confirmed → Triaged
Revision history for this message
Nikolaus Rath (nikratio) wrote :

Enabling syslog does not work around the problem; the logfile is still created.

I also still see this as a spamd bug, and serious security issue as well:
Why is razor started as root?

Revision history for this message
Scott Kitterman (kitterman) wrote :

That would be a separate issue.

The reason it's a razor bug and not a spamassassin bug is that the code that makes the logfile is in razor. There's nothing spamassassin can do about it. If this bug were not present, but razor was still started as root, the logfile would be in /root, not in /.

Revision history for this message
Nikolaus Rath (nikratio) wrote :

If spamassassin wouldn't start razor as root, there would be no logfile due to insufficient privileges. So spamassassin can work around this bug and at the same time fix a bug in SA itself.

I agree that this should be fixed in razor as well though.

Revision history for this message
Scott Kitterman (kitterman) wrote :

Please file a spamassassin bug for razor started as root. I agree that's not the best way to do it.

Revision history for this message
François Marier (fmarier) wrote :

This has been fixed in hardy, which has the latest version of razor from Debian.

Changed in razor:
assignee: nobody → fmarier
status: Triaged → Fix Released
Bug Watch Updater (bug-watch-updater)
Changed in spamassassin:
status: Incomplete → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.