Bug 1567 - allow_user_rules doesnt work with some tests, some of the time
Summary: allow_user_rules doesnt work with some tests, some of the time
Status: RESOLVED FIXED
Alias: None
Product: Spamassassin
Classification: Unclassified
Component: Libraries (show other bugs)
Version: 2.52
Hardware: Other other
: P5 normal
Target Milestone: 2.60
Assignee: Duncan Findlay
URL:
Whiteboard:
Keywords: backport
Depends on:
Blocks:
 
Reported: 2003-02-26 21:39 UTC by Duncan Findlay
Modified: 2003-05-11 10:41 UTC (History)
1 user (show)


Attachment Type Modified Status Actions Submitter/CLA Status
patch for review for 2.50 patch None Duncan Findlay [HasCLA]
Patch for review. patch None Duncan Findlay [HasCLA]
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Duncan Findlay 2003-02-26 21:39:34 UTC 
Anyways... I fixed this bug a while ago, but I guess I never committed it. Oops.

Here's a patch. It basically allows users to define header:exists rules, and
some rbl rules when allow_user_rules is on.
Comment 1 Duncan Findlay 2003-02-26 21:47:12 UTC 
Created attachment 693 [details]
patch for review for 2.50
Comment 2 Duncan Findlay 2003-02-26 21:47:34 UTC 
for 2.50
Comment 3 Duncan Findlay 2003-02-27 17:23:57 UTC 
ARgh... I forgot to CC: sa-devel.

This is intended for 2.50, so if anyone would like to review it...

Here's the summary:

Anyways... I fixed this bug a while ago, but I guess I never committed it. Oops.

Here's a patch. It basically allows users to define header:exists rules, and
some rbl rules when allow_user_rules is on.
Comment 4 Daniel Quinlan 2003-02-27 21:47:49 UTC 
Duncan,

This is a significant change for 2.50 series, but looks okay to me.

Just one question: have you tested each of these sub-categories to make
sure they work okay and don't completely bog down spamd if the user does
something funky like add a huge number of bad RBL rules?
Comment 5 Duncan Findlay 2003-02-28 15:44:22 UTC 
Subject: Re:  allow_user_rules doesnt work with some tests, some of the time

Actually, I haven't tested it nearly enough. I imagine that the RBL
ones aren't 100% necessary. I'd be happy if we just added
allow_user_rules to work with the header:exists tests. That fix has
been tested for a while in Debian packages.
Comment 6 Daniel Quinlan 2003-03-02 20:38:45 UTC 
I'm okay with allowing the header:exists tests.
Comment 7 Daniel Quinlan 2003-03-02 20:45:20 UTC 
Another option I would consider to allow the RBL tests would be to have RBL
tests require allow_user_rules to be set to >= 2 instead of == 1, then
the other places the option is tested would have to test for >= 1 as well, but
I think I wwill be okay with it as long as every place got changed.
Comment 8 Duncan Findlay 2003-03-02 21:02:42 UTC 
Subject: Re: [SAdev]  allow_user_rules doesnt work with some tests, some of the time

IIRC, allow_user_rules with spamd _could_ (depending on perl) give
users access as the user spamd is run as. (Using /(?{code})/)

perlre says this is not possible if run-time evaluation of variables
happens. Someone should probably actually test this.

Of course, this issue makes the addition of DNS tests to be a triviality.
Comment 9 Malte S. Stretz 2003-03-16 13:41:41 UTC 
Duncan: Are you sure this works? There's a "next" on the lines before the ones 
you added... :o)
Comment 10 Malte S. Stretz 2003-03-18 14:15:07 UTC 
reassigning to Duncan
Comment 11 Duncan Findlay 2003-03-29 20:21:34 UTC 
Created attachment 845 [details]
Patch for review.
Comment 12 Duncan Findlay 2003-03-29 20:22:18 UTC 
umm... right you are. this should work better
Comment 13 Duncan Findlay 2003-03-29 21:13:29 UTC 
Actually... some of the RBL concerns may be valid, and I have not tested that.
Maybe we should hold off until 2.60. (Still... someone should test that...)
Comment 14 Duncan Findlay 2003-05-11 18:41:21 UTC 
alright... since this isnt entirely going in to 2.54, and its already committed
for 2.60, we'll let this be closed... the RBL stuff can be reported separately
if it's a problem.

(And I like having no bugs assigned to me!)