[Simon Walter] Bug#506353: mailscanner: many scripts allow local
users to overwrite arbitrary files, and more, via symlink attacks
Julian Field
MailScanner at ecs.soton.ac.uk
Fri Dec 12 11:53:15 GMT 2008
On 12/12/08 11:07, Kai Schaetzl wrote:
> Phil Randal wrote on Fri, 12 Dec 2008 10:18:20 -0000:
>
>
>> Looks like WorkArea.pm is missing a
>>
>> use File::Temp;
>>
>
> Adding it at the start of the file didn't help. Jules, I reverted to the
> original WorkArea.pm. Mail is now processing again.
>
That's because that's not what you need to add, it was your guess at
what you needed to add :-)
Download the -2 release and you'll be fine, that has the correct line at
the top I believe.
Jules
--
Julian Field MEng CITP CEng
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store
Need help customising MailScanner?
Contact me!
Need help fixing or optimising your systems?
Contact me!
Need help getting you started solving new requirements from your boss?
Contact me!
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the MailScanner
mailing list