Taint problem calling Archive::Zip?
John Wilcock
john at tradoc.fr
Mon Nov 15 12:23:23 GMT 2010
Since upgrading from Perl 5.8.8 to 5.12.2 on my gentoo box, I've had
several instances of messages "attempting to kill" MailScanner, with
.docx (or other similar zip-container format) files as attachments.
Running in debug mode gives the following error:
Insecure dependency in chmod while running with -T switch at
/usr/lib64/perl5/vendor_perl/5.12.2/Archive/Zip/Member.pm line 490
This is with MailScanner 4.81.4, Archive::Zip 1.30. I haven't yet tried
with MS 4.82 beta or the developer release of Archive::Zip 1.31_01, but
don't see anything in the changelogs that suggests they would help.
Any ideas? (other than setting Maximum Archive Depth = 0, which does
seem to be an effective if less-than-satisfactory workaround)
John.
--
-- Over 4000 webcams from ski resorts around the world - www.snoweye.com
-- Translate your technical documents and web pages - www.tradoc.fr
More information about the MailScanner
mailing list