More taint mode problems (please help)

Mike Jakubik mikej at rogers.com
Mon Jan 4 15:59:01 GMT 2010


Hello,

There seems to be more taint mode related problems in the latest version
of MS. As of now, most of emails with attachments are unable to process
and I'm at a loss on how to fix this as i am not a perl programmer.

When running in debug mode the following error is shown.

This is perl, v5.8.9 built for amd64-freebsd

---
Building a message batch to scan...
Have a batch of 1 message.
Insecure dependency in open while running with -T switch at
/usr/local/lib/perl5/site_perl/5.8.9/mach/IO/File.pm line 185.
/usr/local/etc/rc.d/mailscanner: WARNING: failed to start mailscanner
---

I tried to manually hack File.pm and added a function to untaint the file
open function. This worked, however it triggered another taint mode error
inside of MS itself.

---
Insecure dependency in chown while running with -T switch at
/usr/local/lib/MailScanner/MailScanner/Message.pm line 2505.
---

If someone could help i would greatly appreciate it, I'm sure other
FreeBSD users will be experiencing this too.

Thanks.



More information about the MailScanner mailing list