Ryan,
> I did some digging and found that the problem originates in a call to
> IO:File in line 6781 of amavisd:
>
> 6781: } elsif ($fh->open($config_file,'+<')) {
>
> If the open mode '+<' is removed, everything works just fine. I've got
> another version of amavisd (2.3.2) running on an FC4 box (with
> IO:File-1.10) and both that line in amavisd and the open() sub in
> File.pm look the same. Anyone have any ideas?
Perl taint bug rear its ugly head again.
Try the following workaround:
--- amavisd~ Tue Jun 27 13:31:56 2006
+++ amavisd Wed Aug 23 21:49:52 2006
@@ -6776,4 +6776,5 @@
# too late to feel sorry now, but better late then never.
for my $config_file (@config_files) {
+ local($1); # don't let IO::Handle::_open_mode_string taint the $1 !
my($fh) = IO::File->new;
my($errn) = lstat($config_file) ? 0 : 0+$!;
Mark
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
AMaViS-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
