[Simon Walter] Bug#506353: mailscanner: many scripts allow
local users to overwrite arbitrary files, and more,
via symlink attacks
Kai Schaetzl
maillists at conactive.com
Thu Dec 11 16:43:12 GMT 2008
Julian Field wrote on Thu, 11 Dec 2008 14:16:06 +0000:
> Please let me know what you think works and what still doesn't work, if
> anything.
So far so good. Got this on first restart:
Dec 11 17:31:10 d01 MailScanner[11441]: Could not test file ownership
abilities on
/var/spool/MailScanner/incoming/Locks/MailScanner.ownertest.11441, please
delete the file
file doesn't exist, though. Directory contains lockfiles for all the
virusscan wrappers, no matter if in use or not. Is this intended?
Everything seems to be fine.
How to test? Run /etc/cron.hourly/update_virus_scanners ?
I also noticed a somewhat strange behavior of upgrade_MailScanner_conf. It
mentioned
Added new: Web Bug Replacement = http://www.mailscanner.tv/1x1spacer.gif
although this was already present in MailScanner.conf (from 4.74.4).
One request for mailscanner*.rpm: could you add a check that stops
creating the /etc/spamassassin/mailscanner.conf symlink in case there's
already a symlink or file? I tried touching an empty file there, but the
rpm just wiped it away.
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
More information about the MailScanner
mailing list