More taint mode problems (please help)

Jules Field MailScanner at ecs.soton.ac.uk
Mon Jan 11 13:06:08 GMT 2010


I have fixed this one. I'll do another beta release this afternoon so 
you all have the latest code.

Jules.

On 04/01/2010 15:59, Mike Jakubik wrote:
> Hello,
>
> There seems to be more taint mode related problems in the latest version
> of MS. As of now, most of emails with attachments are unable to process
> and I'm at a loss on how to fix this as i am not a perl programmer.
>
> When running in debug mode the following error is shown.
>
> This is perl, v5.8.9 built for amd64-freebsd
>
> ---
> Building a message batch to scan...
> Have a batch of 1 message.
> Insecure dependency in open while running with -T switch at
> /usr/local/lib/perl5/site_perl/5.8.9/mach/IO/File.pm line 185.
> /usr/local/etc/rc.d/mailscanner: WARNING: failed to start mailscanner
> ---
>
> I tried to manually hack File.pm and added a function to untaint the file
> open function. This worked, however it triggered another taint mode error
> inside of MS itself.
>
> ---
> Insecure dependency in chown while running with -T switch at
> /usr/local/lib/MailScanner/MailScanner/Message.pm line 2505.
> ---
>
> If someone could help i would greatly appreciate it, I'm sure other
> FreeBSD users will be experiencing this too.
>
> Thanks.
>
>    

Jules

-- 
Julian Field MEng CITP CEng
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store

Need help customising MailScanner?
Contact me!
Need help fixing or optimising your systems?
Contact me!
Need help getting you started solving new requirements from your boss?
Contact me!

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
Follow me at twitter.com/JulesFM and twitter.com/MailScanner


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.



More information about the MailScanner mailing list