| 1 |
On 12/14/19 11:53 PM, Ralph Seichter wrote: |
| 2 |
> |
| 3 |
> Of the three packages you mentioned, milter-regex (not regex-milter) is |
| 4 |
> the only one with a name that actually contains "milter". OpenDMARC |
| 5 |
> should never have user a user named milter in the first place, and in |
| 6 |
> the future it should use "opendmarc". |
| 7 |
> |
| 8 |
> Besides, since nobody has claimed group/user "milter" before me, I think |
| 9 |
> this falls under first come, first serve. |
| 10 |
|
| 11 |
I agree that milter-regex has the strongest claim to the username. All |
| 12 |
I'm saying is that until opendmarc updates to GLEP81, changes its |
| 13 |
username, and all of its old versions have been purged from the tree... |
| 14 |
|
| 15 |
(a) we still have a dumb security vulnerability, in that these daemons |
| 16 |
can modify each others' files; and |
| 17 |
|
| 18 |
(b) you have to be careful not to do anything in acct-user/milter that |
| 19 |
could break someone's opendmarc setup, because now reinstalling |
| 20 |
acct-user/milter will reset all of the settings for its user (see |
| 21 |
the mythtv thread from today about this). |
Archives