Bug 5184 - sql-based bayes and awl storage requires privileged access to db
Summary: sql-based bayes and awl storage requires privileged access to db
Status: RESOLVED INVALID
Alias: None
Product: Spamassassin
Classification: Unclassified
Component: Learner (show other bugs)
Version: 3.1.7
Hardware: Other other
: P5 normal
Target Milestone: Undefined
Assignee: SpamAssassin Developer Mailing List
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-11-13 16:17 UTC by Richard van der Hoff
Modified: 2006-11-20 02:11 UTC (History)
0 users


Attachment Type Modified Status Actions Submitter/CLA Status
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Richard van der Hoff 2006-11-13 16:17:49 UTC 
It's possible that I've missed some important bit of configuration here, in
which case, consider this a bug against documentation.

AIUI, the recommended storage engine for Bayes data is now SQL; however, this
requires full SELECT, UPDATE, INSERT, DELETE access to the bayes tables. This
means that, to allow users to run their own bayesian learning, they must have
access to the entire table, which allows them to both see, and worse, alter,
other users' data. Similar problems occur for SQL-based AWL storage.

I'm not sure what the ideal fix for this would be, but one thought is that
learning could be supported by spamd. Then the SQL password could be stored in a
file only readable by the user running spamd. This would also have the
advantageous side-effect of speeding up learning.
Comment 1 Michael Parker 2006-11-13 18:21:59 UTC 
It is what it is.

Learning does happen to be supported by spamd.

This is the sort of discussion that should happen on the users list.
Comment 2 Richard van der Hoff 2006-11-20 02:11:26 UTC 
For the record, learning can be done with spamc -L. Many apologies for the
bugzilla spam :/.