Rob,
> >From a bit of further testing, it looks like the tainting culprit is
>
> @disclaimer_options_bysender_maps =
> (read_hash("/usr/pkg/etc/disclaimers/disclaimers_by_sender"));
> Specifying disclaimer_options_bysender_maps directly in amavisd.conf gets
> disclaimers added correctly. I can go with this for now; is there any
> chance it might be looked at in a future release?
I see. So taint checks are doing what they are supposed to do :)
Replacing your current assignment by the following (in amavisd.conf)
should do:
my($h) = read_hash("/usr/pkg/etc/disclaimers/disclaimers_by_sender");
$h->{$_} = Amavis::Util::untaint($h->{$_}) for keys %$h;
@disclaimer_options_bysender_maps = ( $h );
I'm not sure whether the reported problem is a bug or a feature.
Mark
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
AMaViS-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
