Fwd: RE: weird mailscanner clamd error

Achim J. Latz achim+mailwatch at qustodium.net
Tue Jan 25 10:52:06 GMT 2011


Hello Rick:

Did Julian reply to your suggestion/bug fix?

Perhaps it got lost in the depths of Christmas/New Year's traffic?

Best regards, Achim

-------- Original Message --------
Subject: RE: weird mailscanner clamd error
Date: Thu, 6 Jan 2011 12:25:06 -0500
From: Rick Cooper <rcooper at dwford.com>
Reply-To: MailScanner discussion <mailscanner at lists.mailscanner.info>
To: 'MailScanner discussion' <mailscanner at lists.mailscanner.info>
Newsgroups: gmane.mail.virus.mailscanner
References: 
<201101051200.p05C0MhO008128 at safir.blacknight.ie><9453A32CAC9FFB4D8F59285E34B6A5062F6F at hotc_exch.harperotc.com><AANLkTi=noruKSuqY_R3mCcmJw3yTd68QRVK7YwGTJCMA at mail.gmail.com><7CA580B59C1ABD45B4614ED90D4C7B85113DFF at HC-EXMBX02.herefordshire.gov.uk><AANLkTi=JA0tjh9GWtoMf+S4dhJ2-Mt7kAPA2yeh8h6PC at mail.gmail.com> 
<9453A32CAC9FFB4D8F59285E34B6A5062F73 at hotc_exch.harperotc.com>

Naz Snidanko wrote:
> I just checked:
>
> /opt/MailScanner-4.82.3-1/lib/MailScanner/MessageBatch.pm
>
> I am using 4.82.3-1 and this modification is there. It does not solve
> the problem. I haven't tried running clamd under root since it would
> violate our security principles.
>
> Are you guys sure it is not a problem with clamd itself? Clamav
> doesn't get this error.

Actually the more I looked at this, I believe the code in Message.pm
beginning at line 3348 that reads

     # Untaint member's attributes.
     $member->unixFileAttributes(0600);

Should be

     # Untaint member's attributes.
	my $workperms = MailScanner::Config::Value('workperms') || '0600';
     $member->unixFileAttributes($workperms);
For some reason it appears Julian forced the extracted files to 0600 in the
original code. The change I have listed above would set them to what ever
the mailscanner config has for the work permissions or 600 if no value
exists.

Julian any comment?


Rick

>
> Regards,
>
> Naz Snidanko
> Desktop & Network Support
> Harper Power Products Inc.
> (p) 416 201- 7506
>  nsnidanko at harperpowerproducts.com
>
> -----Original Message-----
> From: mailscanner-bounces at lists.mailscanner.info
> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of
> Iulian L Dragomir
> Sent: January 6, 2011 6:05 AM
> To: MailScanner discussion
> Subject: Re: weird mailscanner clamd error
>
> On Thu, Jan 6, 2011 at 12:24 PM, Randal, Phil
> <prandal at herefordshire.gov.uk> wrote:
>> The only workaround I've found is to run clamd as root.
>>
>>
>>
>> I've seen the same issue with MailScanner / sendmail on CentOS.
>
> If it is the same problem then try this:
>
> http://lists.mailscanner.info/pipermail/mailscanner/2010-April/095611.ht
> ml
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!



--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.


-- 
Achim J. Latz, Qustodium Internet Security
achim.latz at qustodium.net · http://www.qustodium.net
Data Encryption · Backup Automatisation · E-Mail Protection


More information about the MailScanner mailing list