So, I'm not new to perl or taint mode, but I've been stumbling on this
problem all weekend without finding a fix.
my $envfrom = $permsgstatus->get($option{'envfromhdr'});  # tainted source
# clean variables to run properly under -T
#$envfrom =~ /(.+)/; # this didn't work, so maybe my perl is more picky and
# won't untaint on .+ anymore?
$envfrom =~ m'([-!#%( )*+,.0123456789:<=>[EMAIL PROTECTED]|}~]+)';
$envfrom = ($1 or "");  # parenthesised: 'or' binds looser than '=', so without
                        # the parens the "" default never reaches $envfrom
warn "GREYLIST envfrom: $envfrom\n";
mkdir "/tmp/$envfrom";
The problem is that even the above code still gives me insecure dependency errors.
Nov 29 19:06:45 magic spamd[9297]: GREYLIST entered
Nov 29 19:06:45 magic spamd[9297]: GREYLIST running
Nov 29 19:06:45 magic spamd[9297]: GREYLIST envfrom: [EMAIL PROTECTED]
Nov 29 19:06:46 magic spamd[9297]: result: . -2 -
BAYES_00,GREYLIST_ISWHITE,NOREVDNS scantime=8.0,size=3199,mid=<[EMAIL
PROTECTED]>,bayes=1.11022302462516e-16,autolearn=ham
Nov 29 19:08:35 magic spamd[21955]: GREYLIST entered
Nov 29 19:08:35 magic spamd[21955]: GREYLIST running
Nov 29 19:08:35 magic spamd[21955]: GREYLIST envfrom: [EMAIL PROTECTED]
Nov 29 19:08:35 magic spamd[21955]: Failed to run GREYLIST_ISWHITE SpamAssassin
test, skipping:__(Insecure dependency in mkdir while running with -T switch at
/usr/share/perl5/Mail/SpamAssassin/Plugin/Greylisting.pm line 162._)
But, here's the kicker: only sometimes (see above).
I've added the warn to see if that was related to the Email, but I haven't
found any pattern yet.
I'm starting to suspect my perl, because
1) a pattern being tainted sometimes but not always isn't right
2) the perlsec man page still says that even $envfrom =~ /(.+)/;
$envfrom = ($1 or "");
should untaint the variable.
3) this happens one time in ten more or less
4) it doesn't even seem to depend on the type of data in the variable
(see the above, two similar VERP addresses, one went through and one didn't)
I'm running the latest debian perl: 5.8.4-4
Am I missing some SA trick, or should I take this with the perl folks?
Thanks,
Marc
--
"A mouse is a device used to point at the xterm you want to type in" - A.S.R.
Microsoft is to operating systems & security ....
.... what McDonalds is to gourmet cooking
Home page: http://marc.merlins.org/ | Finger [EMAIL PROTECTED] for PGP key
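A fail-closed version of the untaint step above, added here as an illustration and not code from the post or from SpamAssassin: the capture is anchored to an allow-list, $1 is only read after the match is known to have succeeded (after a failed match $1 keeps the value of the previous successful match in scope, so an unchecked assignment can silently reuse stale data), and Scalar::Util::tainted shows the taint flag before and after. Run it as perl -T untaint_demo.pl 'address'; the sample address and the character set are assumptions for the demo.

```perl
#!/usr/bin/perl -T
# Added example: fail-closed untainting of an envelope sender before it is
# used in a filesystem path under -T. Not part of the original post.
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Conservative allow-list (an assumption for this demo). The \A...\z anchors
# make a partial match impossible, so nothing outside the class can slip into
# the captured value; '/' is deliberately absent so the result cannot contain
# a path separator.
my $SAFE_ENVFROM = qr/\A([A-Za-z0-9][A-Za-z0-9.!#%+=_\-\@]{0,253})\z/;

sub untaint_envfrom {
    my ($raw) = @_;
    return undef unless defined $raw;
    # Only read $1 inside a successful-match branch.
    if ($raw =~ $SAFE_ENVFROM) {
        my $clean = $1;
        return undef if $clean =~ /\.\./;   # no parent-directory components
        return $clean;                       # untainted copy of the capture
    }
    return undef;                            # reject instead of passing taint on
}

# @ARGV is tainted under -T, which is exactly what the demo needs; the
# fallback literal is a constructed sample and will not be tainted.
my $raw = @ARGV ? $ARGV[0] : 'bounce+user=example.com@lists.example.org';
printf "input  tainted: %s\n", tainted($raw) ? 'yes' : 'no';

my $clean = untaint_envfrom($raw);
if (defined $clean) {
    printf "output tainted: %s\n", tainted($clean) ? 'yes' : 'no';
    print  "safe to use in a path: /tmp/$clean\n";
} else {
    print "rejected: value does not match the allow-list, nothing created\n";
}
```

With an argument such as 'bad/../../etc' the function returns undef and no path is built, which is the behaviour you want when the untaint step cannot vouch for the data.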