On 01/25/2017 4:55 AM, Alexei Pastuchov wrote: > quick&& insecure solution: > rm -t in NfProfile.pm line 3026. >
That didn't work for me, but I did this crude hack for addressing the taint issues with the vairables returned by ProfilePath. Use at your own risk until a permanent fix has been released as it does *not* sanitize the input as it really should. [foo@bar libexec]# diff -c NfProfile.pm.ORIG NfProfile.pm *** NfProfile.pm.ORIG 2017-01-25 13:18:48.443703130 -0600 --- NfProfile.pm 2017-01-25 13:10:26.418745710 -0600 *************** *** 142,147 **** --- 142,149 ---- sub ProfilePath { my $profile = shift; my $profilegroup = shift; + $profile =~ /(.*)/ && ($profile = $1); + $profilegroup =~ /(.*)/ && ($profilegroup = $1); if ( !defined $profilegroup || $profilegroup eq '.' ) { return "$profile"; -James > 3026: $args .= "-t $_t " if defined $profileinfo{'expire'}; > > >> On 25 January 2017 at 10:17 Giles Coochey<gi...@coochey.net> wrote: >> I ran the upgrade and receive the following error when trying to restart >> NFsen: >> >> Insecure dependency in sysopen while running with -T switch at >> /opt/nfsen/libexec/NfProfile.pm line 836 >> >> Any ideas? >> >> -- >> Regards, >> >> Giles Coochey >> +44 (0) 7584 634 135 >> +44 (0) 1803 529 451 >> gi...@coochey.net >> >> >> ------------------------------------------------------------------------------ >> Check out the vibrant tech community on one of the world's most >> engaging tech sites, SlashDot.org! >> http://sdm.link/slashdot_______________________________________________ >> Nfsen-discuss mailing list >> Nfsen-discuss@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/nfsen-discuss >> > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, SlashDot.org! http://sdm.link/slashdot > _______________________________________________ > Nfsen-discuss mailing list > Nfsen-discuss@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nfsen-discuss > > > ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ Nfsen-discuss mailing list Nfsen-discuss@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nfsen-discuss