weird mailscanner clamd error

Rick Cooper rcooper at dwford.com
Tue Jan 25 15:26:00 GMT 2011


Achim J. Latz wrote:
> Hello Rick:
> 
> Did Julian reply to your suggestion/bug fix?
> 
> Perhaps it got lost in the depths of Christmas/New Year's traffic?

No I have noticed anything from Julian on this issue but from experience
it's not uncommon for him to look into something that has been addressed or
or a patch suggested on the list, fix it and not mention it until the next
update. If there is nothing in that change log then might want to bother him
again.

Rick
> 
> Best regards, Achim
> 
> -------- Original Message --------
> Subject: RE: weird mailscanner clamd error
> Date: Thu, 6 Jan 2011 12:25:06 -0500
> From: Rick Cooper <rcooper at dwford.com>
> Reply-To: MailScanner discussion <mailscanner at lists.mailscanner.info>
> To: 'MailScanner discussion' <mailscanner at lists.mailscanner.info>
> Newsgroups: gmane.mail.virus.mailscanner
> References:
>
<201101051200.p05C0MhO008128 at safir.blacknight.ie><9453A32CAC9FFB4D8F59285E34
B6A5062F6F at hotc_exch.harperotc.com><AANLkTi=noruKSuqY_R3mCcmJw3yTd68QRVK7YwG
TJCMA at mail.gmail.com><7CA580B59C1ABD45B4614ED90D4C7B85113DFF at HC-EXMBX02.here
fordshire.gov.uk><AANLkTi=JA0tjh9GWtoMf+S4dhJ2-Mt7kAPA2yeh8h6PC at mail.gmail.c
om>
> <9453A32CAC9FFB4D8F59285E34B6A5062F73 at hotc_exch.harperotc.com>
> 
> Naz Snidanko wrote:
>> I just checked:
>> 
>> /opt/MailScanner-4.82.3-1/lib/MailScanner/MessageBatch.pm
>> 
>> I am using 4.82.3-1 and this modification is there. It does not solve
>> the problem. I haven't tried running clamd under root since it would
>> violate our security principles.
>> 
>> Are you guys sure it is not a problem with clamd itself? Clamav
>> doesn't get this error.
> 
> Actually the more I looked at this, I believe the code in Message.pm
> beginning at line 3348 that reads
> 
>      # Untaint member's attributes.
>      $member->unixFileAttributes(0600);
> 
> Should be
> 
>      # Untaint member's attributes.
> 	my $workperms = MailScanner::Config::Value('workperms') || '0600';
>      $member->unixFileAttributes($workperms);
> For some reason it appears Julian forced the extracted files to 0600
> in the original code. The change I have listed above would set them
> to what ever the mailscanner config has for the work permissions or
> 600 if no value exists.
> 
> Julian any comment?
> 
> 
> Rick
> 
>> 
>> Regards,
>> 
>> Naz Snidanko
>> Desktop & Network Support
>> Harper Power Products Inc.
>> (p) 416 201- 7506
>>  nsnidanko at harperpowerproducts.com
>> 
>> -----Original Message-----
>> From: mailscanner-bounces at lists.mailscanner.info
>> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of
>> Iulian L Dragomir Sent: January 6, 2011 6:05 AM
>> To: MailScanner discussion
>> Subject: Re: weird mailscanner clamd error
>> 
>> On Thu, Jan 6, 2011 at 12:24 PM, Randal, Phil
>> <prandal at herefordshire.gov.uk> wrote:
>>> The only workaround I've found is to run clamd as root.
>>> 
>>> 
>>> 
>>> I've seen the same issue with MailScanner / sendmail on CentOS.
>> 
>> If it is the same problem then try this:
>> 
>> http://lists.mailscanner.info/pipermail/mailscanner/2010-April/095611.ht
>> ml --
>> MailScanner mailing list
>> mailscanner at lists.mailscanner.info
>> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>> 
>> Before posting, read http://wiki.mailscanner.info/posting
>> 
>> Support MailScanner development - buy the book off the website! --
>> MailScanner mailing list
>> mailscanner at lists.mailscanner.info
>> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>> 
>> Before posting, read http://wiki.mailscanner.info/posting
>> 
>> Support MailScanner development - buy the book off the website!
> 
> 
> 
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
> 
> 
> --
> Achim J. Latz, Qustodium Internet Security
> achim.latz at qustodium.net . http://www.qustodium.net
> Data Encryption . Backup Automatisation . E-Mail Protection



--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.




More information about the MailScanner mailing list