https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6313
--- Comment #1 from Mark Martinec <[email protected]> 2010-02-01 05:42:53 UTC --- The following posting is closely related, although not quite the same. A fix should address both. From: R P Herrold <...> To: [email protected] Date: Thu, 21 Jan 2010 18:49:28 -0500 (EST) Subject: SA 3.3.0 spamassassin taint issue I have not gotten this into the bugzilla, but ... as it appeas a 3.3 release is imminent, I though I should mention seeing this in my log files: I am getting this: Jan 20 18:17:40 vm049244181 spamd[14023]: spamd: Insecure dependency in chown while running with -T switch at /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin.pm line 1934, <GEN16> line 2. which is: if (($< == 0) && ($> == 0) && defined($user)) { # chown it my ($uid,$gid) = (getpwnam($user))[2,3]; unless (chown($uid, $gid, $fname)) { warn "config: couldn't chown $fname to $uid:$gid for $user: $!\n"; } sort of a sketchy test for 'root' here also -- Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug.
