Lock.PM insecure with -T switch

Peter Bonivart bonivart at opencsw.org
Tue Jun 21 16:13:01 IST 2011


2011/6/21 Viktor Matys - Grumpa.Net <v.matys at grumpa.net>:
> Insecure dependency in open while running with -T switch at
> /usr/share/MailScanner//MailScanner/Lock.pm line 358.

This has been mentioned many times now, this is from one of the first
hits on Google:

"There's no fix from Mailscanner yet, but I did find a workarround by
adding -U to the first line of the Mailscanner perl script:

#!/usr/bin/perl -I/opt/MailScanner/lib -U"

Since so many of you seem to have a "problem" with this, can't one of
you contribute a patch to Julian?

/peter


More information about the MailScanner mailing list