More taint mode problems (please help)

Garrod M. Alwood Garrod.Alwood at lorodoes.com
Wed Jan 13 18:26:00 GMT 2010


I don't know if this a failure on my part or not, but when certain file types come in I get the below error and this what I am running ubuntu 9.10 with perl 5.10 and MailScanner 4.79.5-1.

Insecure dependency in open while running with -T switch at /usr/lib/perl/5.10/IO/File.pm line 63.

60:           return open($fh, $mode, $file) if @_ == 3;
61:           croak 'usage: $fh->open(FILENAME, IOLAYERS)';
62:       } else {
63:            return open($fh, IO::Handle::_open_mode_string($mode), $file);

Garrod M. Alwood
Consultant
garrod.alwood at lorodoes.com<mailto:garrod.alwood at lorodoes.com>
904.738.4988
________________________________
From: mailscanner-bounces at lists.mailscanner.info [mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jules Field [MailScanner at ecs.soton.ac.uk]
Sent: Wednesday, January 13, 2010 11:41 AM
To: MailScanner discussion
Subject: Re: More taint mode problems (please help)

Please can you try the attached patch to TNEF.pm.
Please let me know if it solves the problem or not.

Thanks!
Jules.

On 13/01/2010 16:19, Thomas Lohman wrote:
>
>> I've released 4.79.5, which I would gratefully appreciate you testing.
>
> Hi Julian,
>
> I've installed version 4.79.5 on a RH5 box with perl 5.10.1 and have
> been running it against our production e-mail traffic and I noticed
> this morning that taint errors still are happening when processing
> TNEF attachments.  This is the line which is output when running a
> single message through in debug mode:
>
> 11:17:22 Insecure dependency in rename while running with -T switch at
> /usr/local/MailScanner/lib/MailScanner/TNEF.pm line 357.
>  Failed.
>
> Let me know if there is any more information you need or if there is
> some other patch I may be missing.
>
> thanks much,
>
>
> --tom
>

Jules

--
Julian Field MEng CITP CEng
www.MailScanner.info<http://www.mailscanner.info/>
Buy the MailScanner book at www.MailScanner.info/store<http://www.mailscanner.info/store>

Need help customising MailScanner?
Contact me!
Need help fixing or optimising your systems?
Contact me!
Need help getting you started solving new requirements from your boss?
Contact me!

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
Follow me at twitter.com/JulesFM and twitter.com/MailScanner


--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20100113/cd3aa948/attachment.html


More information about the MailScanner mailing list