Taint issues on 4.85.2-1
Jerry Benton
jerry.benton at mailborder.com
Thu Apr 23 15:47:56 UTC 2015
In your MailScanner.conf there are permission and user settings.
In short, it is complaining for some reason, and it is probably insecure permissions. I have run the latest MS on every OS supported by MailScanner and have not seen this issue. So the only thing I can come up with right now is a permissions issue in your settings or on your file system.
-
Jerry Benton
www.mailborder.com
> On Apr 23, 2015, at 11:41 AM, Jason Ede <J.Ede at birchenallhowden.co.uk> wrote:
>
> Here they are…
>
> /var/spool/MailScanner
>
> drwxr-xr-x 4 root root 4096 Nov 21 14:49 .
> drwxr-xr-x. 15 root root 4096 Apr 2 10:51 ..
> drwxr-x--- 17 postfix postfix 4096 Apr 23 16:36 incoming
> drwxr-x--- 21 postfix apache 4096 Apr 23 09:23 quarantine
>
> I use clamd
>
> Clamd Port = 3310
> Clamd Socket = /var/run/clamav/clamd.sock
> Clamd Lock File = /var/lock/subsys/clamd
> Clamd Use Threads = yes
>
> I don’t think I’ve missed any permissions, but it’s been a while since I’ve set up a MS server.
>
> Jason
>
>
> From: MailScanner [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry Benton
> Sent: 23 April 2015 16:29
> To: MailScanner Discussion
> Subject: Re: Taint issues on 4.85.2-1
>
> 0660? 777? And ClamAV settings if you are using that?
>
> -
> Jerry Benton
> www.mailborder.com
>
>
>
> On Apr 23, 2015, at 10:51 AM, Jason Ede <J.Ede at birchenallhowden.co.uk> wrote:
>
> They’re set to postfix and postfix. As far as I can see this user has read/write access where it needs to.
>
> Jason
>
>
> From: MailScanner [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry Benton
> Sent: 23 April 2015 15:39
> To: MailScanner Discussion
> Subject: Re: Taint issues on 4.85.2-1
>
> Jason,
>
> What do you have your file permissions set at when running? user? group?
>
> -
> Jerry Benton
> www.mailborder.com
> Sent from my iPhone
>
> On Apr 23, 2015, at 05:57, Jason Ede <J.Ede at birchenallhowden.co.uk> wrote:
>
>
> Further info, when on Explode($batch) then in Message.pm around line 2250 where it does
> $entity = eval { $parser->parse($handle) };
>
> Seems to be the offending line.
>
> That’s as far as I can get with it before I get hopelessly lost
>
>
> From: MailScanner [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jason Ede
> Sent: 23 April 2015 09:55
> To: MailScanner Discussion
> Subject: RE: Taint issues on 4.85.2-1
>
> Ok, looking through the MailScanner.pm file…
>
> When in debug mode it’s complaining around line 1100 when it calls
>
> $batch->Explode($Debug);
>
> That triggers one line containing
> Insecure dependency in open while running with -T switch at /usr/lib64/perl5/vendor_perl/IO/File.pm line 185, <$fh> line 4.
>
> For each message in the batch.
>
>
> Also around line 1250 where it does
> $batch->SignUninfected();
> I get
> Insecure dependency in open while running with -T switch at /usr/lib64/perl5/vendor_perl/IO/File.pm line 185.
>
> for each message in the batch…
>
> Hopefully that will help narrow it down a bit…
>
> From: MailScanner [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jason Ede
> Sent: 23 April 2015 09:13
> To: MailScanner Discussion
> Subject: RE: Taint issues on 4.85.2-1
>
> Hi Jerry,
>
> Did you get the IO::File.pm file? The version of it is 1.14
>
> Will look at it a bit more from here…
>
> It’s the same on my production box and that is ok on an older version of MailScanner.
>
> Jason
>
>
> From: MailScanner [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jason Ede
> Sent: 21 April 2015 09:17
> To: MailScanner Discussion
> Subject: RE: Taint issues on 4.85.2-1
>
> Emailed you the file directly.
>
> Jason
>
> From: MailScanner [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry Benton
> Sent: 21 April 2015 09:06
> To: MailScanner Discussion
> Subject: Re: Taint issues on 4.85.2-1
>
> Mmmmm … not going to do it. Can you send me /usr/lib64/perl5/IO/File.pm ?
>
> -
> Jerry Benton
> www.mailborder.com
>
>
>
> On Apr 21, 2015, at 4:04 AM, Jason Ede <J.Ede at birchenallhowden.co.uk> wrote:
>
> Hi Jerry,
>
> Here is the top of the file
>
> #
>
> package IO::File;
>
> =head1 NAME
>
> IO::File - supply object methods for filehandles
>
> =head1 SYNOPSIS
>
>     use IO::File;
>
>     $fh = new IO::File;
>     if ($fh->open("< file")) {
>         print <$fh>;
>         $fh->close;
>     }
>
>     $fh = new IO::File "> file";
>     if (defined $fh) {
>         print $fh "bar\n";
>         $fh->close;
>     }
>
>     $fh = new IO::File "file", "r";
>     if (defined $fh) {
>         print <$fh>;
>         undef $fh;       # automatically closes the file
>     }
>
>     $fh = new IO::File "file", O_WRONLY|O_APPEND;
>     if (defined $fh) {
>         print $fh "corge\n";
>
>         $pos = $fh->getpos;
>         $fh->setpos($pos);
>
>         undef $fh;       # automatically closes the file
>     }
>
>     autoflush STDOUT 1;
>
> =head1 DESCRIPTION
>
> From: MailScanner [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry Benton
> Sent: 13 April 2015 15:26
> To: MailScanner Discussion
> Subject: Re: Taint issues on 4.85.2-1
>
> I believe this is a perl-IO-File thing and not a MailScanner thing. Can you send the head of that file? First 20 lines or so.
>
> -
> Jerry Benton
> www.mailborder.com
>
>
>
> On Apr 9, 2015, at 4:22 AM, Jason Ede <J.Ede at birchenallhowden.co.uk> wrote:
>
>
> Installed this version on my development environment on CentOS 6.6 and then ran debug and I get a load of taint errors
>
> MailScanner --debug
>
>
> In Debugging mode, not forking...
> Trying to setlogsock(unix)
> pyzor: check failed: internal error, python traceback seen in response
> Building a message batch to scan...
> Have a batch of 10 messages.
> Insecure dependency in open while running with -T switch at /usr/lib64/perl5/IO/File.pm line 185, <$fh> line 4.
> Insecure dependency in open while running with -T switch at /usr/lib64/perl5/IO/File.pm line 185, <$fh> line 4.
> Insecure dependency in open while running with -T switch at /usr/lib64/perl5/IO/File.pm line 185, <$fh> line 4.
> Insecure dependency in open while running with -T switch at /usr/lib64/perl5/IO/File.pm line 185, <$fh> line 4.
> Insecure dependency in open while running with -T switch at /usr/lib64/perl5/IO/File.pm line 185, <$fh> line 4.
> Insecure dependency in open while running with -T switch at /usr/lib64/perl5/IO/File.pm line 185, <$fh> line 4.
> Insecure dependency in open while running with -T switch at /usr/lib64/perl5/IO/File.pm line 185, <$fh> line 4.
> Insecure dependency in open while running with -T switch at /usr/lib64/perl5/IO/File.pm line 185, <$fh> line 4.
> Insecure dependency in open while running with -T switch at /usr/lib64/perl5/IO/File.pm line 185, <$fh> line 4.
> Insecure dependency in open while running with -T switch at /usr/lib64/perl5/IO/File.pm line 185, <$fh> line 4.
> Insecure dependency in open while running with -T switch at /usr/lib64/perl5/IO/File.pm line 185.
> Insecure dependency in open while running with -T switch at /usr/lib64/perl5/IO/File.pm line 185.
> Insecure dependency in open while running with -T switch at /usr/lib64/perl5/IO/File.pm line 185.
> Insecure dependency in open while running with -T switch at /usr/lib64/perl5/IO/File.pm line 185.
> Insecure dependency in open while running with -T switch at /usr/lib64/perl5/IO/File.pm line 185.
> Insecure dependency in open while running with -T switch at /usr/lib64/perl5/IO/File.pm line 185.
> Insecure dependency in open while running with -T switch at /usr/lib64/perl5/IO/File.pm line 185.
> Insecure dependency in open while running with -T switch at /usr/lib64/perl5/IO/File.pm line 185.
> Insecure dependency in open while running with -T switch at /usr/lib64/perl5/IO/File.pm line 185.
> Insecure dependency in open while running with -T switch at /usr/lib64/perl5/IO/File.pm line 185.
>
>
> Checked and /usr/sbin/MailScanner has the -U switch in it so it shouldn’t have this issue… Suggestions?
>
> Jason
>
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/listinfo/mailscanner
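
For reference, a minimal reproduction of the "Insecure dependency in open while running with -T switch" message discussed in this thread, together with the usual untainting pattern. This is an added illustration, not code from the thread, from MailScanner or from IO::File itself; the scratch directory, the list file and the message id are constructed, and `taint_demo.pl` is a hypothetical file name.

```perl
#!/usr/bin/perl -T
# Added illustration; run as: perl -T taint_demo.pl
use strict;
use warnings;
use IO::File;
use Scalar::Util qw(tainted);

die "taint mode is off; run with perl -T\n" unless ${^TAINT};

# Constructed sample data: a scratch directory and a one-line list file
# standing in for a queue listing (the id below is made up).
my $dir = "/tmp/taint-demo.$$";
mkdir $dir, 0700 or die "mkdir $dir: $!\n";
my $list = IO::File->new("$dir/list", "w") or die "list: $!\n";
print {$list} "1A2B3C4D5E.A1B2C\n";
$list->close;

# Anything read from a file, socket, %ENV or @ARGV is tainted.
my $in = IO::File->new("$dir/list", "r") or die "list: $!\n";
chomp(my $id = <$in>);
$in->close;
print "id tainted: ", (tainted($id) ? "yes" : "no"), "\n";

# A write-mode open on a name built from tainted data is refused.
my $fh = eval { IO::File->new("$dir/$id", "w") };
print "refused: $@" if $@;

# Untaint by validating against a strict pattern and keeping only the capture.
sub untaint_id {
    my ($raw) = @_;
    return $raw =~ /\A([0-9A-Za-z]+(?:\.[0-9A-Za-z]+)?)\z/ ? $1 : undef;
}

my $clean = untaint_id($id) or die "unexpected id format\n";
$fh = IO::File->new("$dir/$clean", "w") or die "open: $!\n";
print {$fh} "ok\n";
$fh->close;
print "opened $dir/$clean after validation\n";

# A constructed hostile value fails validation instead of being laundered.
print "traversal rejected\n" unless defined untaint_id("../../etc/passwd");

unlink "$dir/$clean", "$dir/list";
rmdir $dir;
```

The refusal is raised inside IO::File's `open`, which is why the message names IO/File.pm rather than the calling code. Opening a file read-only with a tainted name is permitted, so only write-mode and pipe opens show up this way.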