Comment # 5 on bug 1150554 from 
I have replaced the submission by sr#780202 in the meantime. In the original
approach only the cron job dropped privileges. But this could have caused
additional security issues when somebody calls sarg-reports a different way
(e.g. manually on the command line).

Therefore I've moved the privilege drop code into the sarg-reports script
itself. It now drops privilege to the owner:group of the /srv/www/sarg
directory. This also allows users to easily restore the original behaviour
with sarg running as root, if desired for some reason.

You are receiving this mail because: