Taint problems

Alessandro Bianchi alex at skynet-srl.com
Thu May 5 17:37:14 IST 2011 

Danilo Marques de Gouveia <dm.gouveia at gmail.com> ha scritto:

WOW !!! That worked !!!


Thanks for the help man, let me ask you somthing, I do have another server that doesn't show up this error, I'm wondering if we are getting this error because we got any perl updates or even a new version of anything else.


Thanks in advance

On Thu, May 5, 2011 at 12:58 PM, Alessandro Bianchi <alex at skynet-srl.com> wrote:

Danilo Marques de Gouveia <dm.gouveia at gmail.com> ha scritto:

Hi Alessandro,


I'm getting the same issue that you got, when I run the mailscanner in debug mode I got the error:


In Debugging mode, not forking...

Trying to setlogsock(unix)

Building a message batch to scan...

Insecure dependency in open while running with -T switch at /usr/share/MailScanner//MailScanner/Lock.pm line 358.

                                                                                                                                                                                                         [fail]

root at mx:/var/spool/postfix/active#


In the list you wrote that you changed the /usr/sbin/MailScanner and added the -U option ... I didn't get this part, which change you did?


If you could help me with this issue I would be very pleased since I'm fighting agains my MS server for two days :(


On Wed, Apr 20, 2011 at 7:48 AM, Alessandro Bianchi <alex at skynet-srl.com> wrote:

Hi folks

I discovered that the problems that forced me to run MS as root were originated by taint mode errors.

Something has happened on my Fedora 14 Systems so that MS spits a load of taint errors and dies.

Here there are some of them:

/usr/lib/MailScanner/MailScanner/Lock.pm line 358
/usr/lib/MailScanner/MailScanner/Message.pm line 538
Insecure dependency in chown while running with -T switch at /usr/lib/MailScanner/MailScanner/Message.pm line 1381.
/usr/lib/MailScanner/MailScanner/Message.pm line 2418

/usr/lib/MailScanner/MailScanner/PFDiskStore.pm line 173
/usr/lib/MailScanner/MailScanner/PFDiskStore.pm line 176.
/usr/lib/MailScanner/MailScanner/PFDiskStore.pm line 379
/usr/lib/MailScanner/MailScanner/Quarantine.pm line 189


Can't call method "print" on an undefined value at /usr/lib/MailScanner/MailScanner/PFDiskStore.pm line 752.
Can't call method "CombineReports" on unblessed reference at /usr/lib/MailScanner/MailScanner/MessageBatch.pm line 736.

Insecure dependency in open while running with -T switch at /usr/lib64/perl5/IO/File.pm line 185.
Insecure dependency in mkdir while running with -T switch at /usr/lib/MailScanner/MailScanner/TNEF.pm line 233.
Insecure dependency in mkdir while running with -T switch at /usr/lib/MailScanner/MailScanner/TNEF.pm line 236.
Insecure dependency in open while running with -T switch at /usr/share/perl5/File/Copy.pm line 246.

The synptom is MS starting and restarting over and over again in the logs.

I begun to follow the errors using the --debug switch, and fixed some of them, until I came to errors in files that appear to be System libraries (p.e. /usr/share/perl5/File/Copy.pm ).

Furthermore running as root prevented Postfix from picking up files from the incoming directory and that leaded me to a non functional mail system: so I had to go back to running MS as postfix user and avoinding fatal taint errors.

Till now, after several hours, the only way I found to run MS , is adding the -U switch in the showbang line in /usr/sbin/MailScanner.

This switch, to my understanding, turns fatal taint errors in warning, but I'm still looking for a definitive fix.

Hope to save some night work hours to someone else with this info.

Best regards

Alessandro Bianchi

-- 
Il messaggio e' stato analizzato alla ricerca di virus o
contenuti pericolosi da SkyNet SRL, ed e'
risultato non infetto.

-- 
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner

Before posting, read http://wiki.mailscanner.info/posting

Support MailScanner development - buy the book off the website! 




-- 
Danilo Marques de Gouveia


-- 
Il messaggio e' stato analizzato alla ricerca di virus o 

contenuti pericolosi da SkyNet Srl, ed e' 
risultato non infetto. 


Just edit your MS executable ( should be something like /sbin/MailScanner but I'm out of office right now) and at the end of the first line add "-U" (without quotes).

This should do the trick.

Tell me if it is Ok.

Best regards
-- 
Skynet srl - Via Maggiate 67/a - Borgomanero (NO)
Tel +39 0322 836487 - Fax +39 0322 836608
www.skynet-srl.com

Inviato dal mio tablet Android


-- 
Il messaggio e' stato analizzato alla ricerca di virus o 

contenuti pericolosi da SkyNet Srl, ed e' 
risultato non infetto. 




-- 
Danilo Marques de Gouveia


-- 
Il messaggio e' stato analizzato alla ricerca di virus o 
contenuti pericolosi da SkyNet Srl, ed e' 
risultato non infetto. 


Happy it did!

It seems to be related to perl update.

Which distro are you running?
-- 
Skynet srl - Via Maggiate 67/a - Borgomanero (NO)
Tel +39 0322 836487 - Fax +39 0322 836608
www.skynet-srl.com

Inviato dal mio tablet Android
-- 
Il messaggio e' stato analizzato alla ricerca di virus o
contenuti pericolosi da SkyNet SRL, ed e'
risultato non infetto.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20110505/473f6736/attachment.html

More information about the MailScanner mailing list