More taint mode problems (please help)
MailScanner at ecs.soton.ac.uk
Mon Jan 11 13:06:08 GMT 2010
I have fixed this one. I'll do another beta release this afternoon so
you all have the latest code.
On 04/01/2010 15:59, Mike Jakubik wrote:
> There seems to be more taint mode related problems in the latest version
> of MS. As of now, most of emails with attachments are unable to process
> and I'm at a loss on how to fix this as i am not a perl programmer.
> When running in debug mode the following error is shown.
> This is perl, v5.8.9 built for amd64-freebsd
> Building a message batch to scan...
> Have a batch of 1 message.
> Insecure dependency in open while running with -T switch at
> /usr/local/lib/perl5/site_perl/5.8.9/mach/IO/File.pm line 185.
> /usr/local/etc/rc.d/mailscanner: WARNING: failed to start mailscanner
> I tried to manually hack File.pm and added a function to untaint the file
> open function. This worked, however it triggered another taint mode error
> inside of MS itself.
> Insecure dependency in chown while running with -T switch at
> /usr/local/lib/MailScanner/MailScanner/Message.pm line 2505.
> If someone could help i would greatly appreciate it, I'm sure other
> FreeBSD users will be experiencing this too.
Julian Field MEng CITP CEng
Buy the MailScanner book at www.MailScanner.info/store
Need help customising MailScanner?
Need help fixing or optimising your systems?
Need help getting you started solving new requirements from your boss?
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
Follow me at twitter.com/JulesFM and twitter.com/MailScanner
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the MailScanner