Perl problems on FreeBSD (again)
Kevin Kobb
kkobb at skylinecorp.com
Wed Oct 21 13:43:26 IST 2009
Mog wrote:
> Hi all,
>
> I upgraded MailScanner last night along with a number of other ports,
> which unfortunately included a micro update to Perl. On FreeBSD it went
> from perl-5.10.0 to perl-5.10.1, and judging by the error messages in
> the maillog, it seems that the old taint mode problem has resurfaced:
>
> Could not use Custom Function code
> /usr/local/lib/MailScanner/MailScanner/CustomFunctions/SpamWhitelist.pm,
> it could not be "require"d. Make sure the last line is "1;" and the
> module is correct with perl -wc (Error: Insecure dependency in require
> while running with -T switch at
> /usr/local/lib/MailScanner/MailScanner/Config.pm line 754.
>
> I'm seeing this same error message being shown for these files as well:
> MyExample.pm, DavidHooton.pm, LastSpam.pm, GenericSpamScanner.pm,
> CustomAction.pm, Ruleset-from-Function.pm and ZMRouterDirHash.pm.
>
>
> From what I understand, FreeBSD runs perl programs with the -T option
> (taint mode), which is basically some additional security check. If I'm
> reading this right, the additional security check (for some reason)
> seems to have a problem with 'eval { require $fullfile; };', the code
> used to require the CustomFunction modules MailScanner uses:
>
> $fullfile = "$dir/$filename";
> next unless -f $fullfile and -s $fullfile;
> eval { require $fullfile; };
> if ($@) {
> MailScanner::Log::WarnLog("Could not use Custom Function code %s, " .
> "it could not be \"require\"d. Make sure " .
> "the last line is \"1;\" and the module " .
> "is correct with perl -wc (Error: %s)",
> $fullfile, $@);
> }
>
>
> Does this makes sense to anyone? Naturally I've reported this problem to
> the FreeBSD people as well to see if they can help work out what is
> going on.
>
> Regards,
> mog
What process did you use to upgrade MailScanner/Perl? If you used
portupgrade, please give the command line you used.
More information about the MailScanner
mailing list