--- spamassassin-3.1.0a/lib/Mail/SpamAssassin/SpamdForkScaling.pm.dg	2005-08-11 17:38:47.000000000 -0700
+++ spamassassin-3.1.0a/lib/Mail/SpamAssassin/SpamdForkScaling.pm	2005-10-20 19:09:14.000000000 -0700
@@ -615,7 +615,7 @@
       $statestr .= '?';
     }
   }
-  info("prefork: child states: ".$statestr."\n");
+  dbg("prefork: child states: ".$statestr."\n");
 
   # just kill off/add one at a time, to avoid swamping stuff and
   # reacting too quickly; Apache emulation
--- spamassassin-3.1.0a/spamd/spamd.raw.dg	2005-09-13 19:07:32.000000000 -0700
+++ spamassassin-3.1.0a/spamd/spamd.raw	2005-10-20 19:06:22.000000000 -0700
@@ -831,7 +831,7 @@
     ## PARENT
 
     $children{$pid} = 1;
-    info("spamd: server successfully spawned child process, pid $pid");
+    dbg("spamd: server successfully spawned child process, pid $pid");
     $backchannel->setup_backchannel_parent_post_fork($pid);
     if ($scaling) {
       $scaling->add_child($pid);
@@ -1015,7 +1015,7 @@
     $remote_hostname = 'localhost';
     $remote_hostaddr = '127.0.0.1';
     $remote_port = $opt{'socketpath'};
-    info("spamd: got connection over " . $opt{'socketpath'});
+    dbg("spamd: got connection over " . $opt{'socketpath'});
   }
   else {
     my ( $port, $ip ) = sockaddr_in( $client->peername );
@@ -1738,7 +1738,12 @@
       die("spamd: fatal error: setuid to $username failed");
     }
     else {
-      info("spamd: setuid to $username succeeded");
+      dbg("spamd: setuid to $username succeeded");
+    }
+    # increase paranoia when we only handle one client per child
+    if ($clients_per_child == 1) {
+      $( = $);                       # real gid
+      $< = $>;                       # real uid. we now cannot setuid anymore
     }
   }
 
@@ -1892,7 +1897,12 @@
       die("spamd: fatal error: setuid to $username failed");
     }
     else {
-      info("spamd: setuid to $username succeeded, reading scores from SQL");
+      dbg("spamd: setuid to $username succeeded, reading scores from SQL");
+    }
+    # increase paranoia when we only handle one client per child
+    if ($clients_per_child == 1) {
+      $( = $);                       # real gid
+      $< = $>;                       # real uid. we now cannot setuid anymore
     }
   }
 
@@ -1935,7 +1945,12 @@
       die("spamd: fatal error: setuid to $username failed");
     }
     else {
-      info("spamd: setuid to $username succeeded, reading scores from LDAP");
+      dbg("spamd: setuid to $username succeeded, reading scores from LDAP");
+    }
+    # increase paranoia when we only handle one client per child
+    if ($clients_per_child == 1) {
+      $( = $);                       # real gid
+      $< = $>;                       # real uid. we now cannot setuid anymore
     }
   }
 
@@ -2033,7 +2048,7 @@
     }
 
     unless ($$Mail::SpamAssassin::Logger::LOG_SA{INHIBIT_LOGGING_IN_SIGCHLD_HANDLER}) {
-      info("spamd: handled cleanup of child pid $pid ".
+      dbg("spamd: handled cleanup of child pid $pid ".
                 ((defined $sig) ? "due to SIG$sig" : ""));
     }
   }