Niko Tyni wrote:
Hi security team,
I'm very sorry that you have to hear from me again :(
There's a regression in the patch for DSA-960-1, for both woody and sarge.
When $HOME is not set, Mail::Audit is now creating logfiles in cwd and
dying if it's not writable. This happens even if logging is turned off,
which makes the problem much more serious.
Doo, I have to agree that it is confusing to have tempdir() use different
parameters as tempfile(), but only partially.
I have not yet had a proper look at the proposed patches in #350954 and
the last message of #344029, but I wanted to make you aware of this.
Again, my apologies for the bad handling of this.
Comments to the attached patch, which are least intrusive to the
update we're already distributing?
Regards,
Joey
--
MIME - broken solution for a broken design. -- Ralf Baechle
Please always Cc to me when replying to me on the lists.
diff -u libmail-audit-perl-2.1/Audit.pm libmail-audit-perl-2.1/Audit.pm
--- libmail-audit-perl-2.1/Audit.pm
+++ libmail-audit-perl-2.1/Audit.pm
@@ -4,7 +4,13 @@
my $logging;
my $loglevel=3;
-my $logfile = /tmp/.getpwuid($).-audit.log;
+my $logfile;
+if (exists $ENV{HOME} and defined $ENV{HOME} and -d $ENV{HOME}) {
+ $logfile = $ENV{HOME}/.mail_audit.log;
+}
+else {
+ (undef,$logfile) = tempfile(mail_audit.log-X, DIR =
File::Spec-tmpdir);
+}
# --
# no user-modifiable parts below this line.
@@ -18,6 +24,8 @@
use vars qw($VERSION @ISA @EXPORT @EXPORT_OK $ASSUME_MSGPREFIX);
# @ISA will depend on whether the message is MIME; if it is, we'll be
MIME::Entity. if not, we'll be Mail::Internet.
use Fcntl ':flock';
+use File::Spec;
+use File::Temp qw(tempfile);
$ASSUME_MSGPREFIX = 0;
--- libmail-audit-perl-2.1.orig/Audit/MimeEntity.pm
+++ libmail-audit-perl-2.1/Audit/MimeEntity.pm
@@ -4,6 +4,7 @@
use strict;
use File::Path;
+use File::Temp qw(tempdir);
use MIME::Parser;
use MIME::Entity;
use Mail::Audit::MailInternet;
@@ -12,10 +13,12 @@
$VERSION = '2.0';
-$MIME_PARSER_TMPDIR = /tmp/.getpwuid($).-mailaudit;
-
my $parser = MIME::Parser-new();
+# Create a tempdir using File::Temp::tempdir, have it be destroyed at
+# END{} time.
+$MIME_PARSER_TMPDIR = tempdir(CLEANUP = 1);
+
my @to_rmdir;
sub autotype_new {
@@ -23,8 +26,6 @@
my $mailinternet = shift;
$parser-ignore_errors(1);
-mkdir ($MIME_PARSER_TMPDIR, 0777);
-if (! -d $MIME_PARSER_TMPDIR) { $MIME_PARSER_TMPDIR = /tmp }
$parser-output_under($MIME_PARSER_TMPDIR);
# todo: add eval error trapping. if there's a problem, return
Mail::Audit::MailInternet as a fallback.
diff -u libmail-audit-perl-2.1/Audit.pm libmail-audit-perl-2.1/Audit.pm
--- libmail-audit-perl-2.1/Audit.pm
+++ libmail-audit-perl-2.1/Audit.pm
@@ -6,10 +6,10 @@
my $loglevel=3;
my $logfile;
if (exists $ENV{HOME} and defined $ENV{HOME} and -d $ENV{HOME}) {
- $logfile = $ENV{HOME}/.mail_audit.log
+ $logfile = $ENV{HOME}/.mail_audit.log;
}
else {
- (undef,$logfile) = tempfile(mail_audit.log-X,TMPDIR=1);
+ (undef,$logfile) = tempfile(mail_audit.log-X, DIR =
File::Spec-tmpdir);
}
# --
@@ -24,6 +24,7 @@
use vars qw($VERSION @ISA @EXPORT @EXPORT_OK $ASSUME_MSGPREFIX);
# @ISA will depend on whether the message is MIME; if it is, we'll be
MIME::Entity. if not, we'll be Mail::Internet.
use Fcntl ':flock';
+use File::Spec;
use File::Temp qw(tempfile);
$ASSUME_MSGPREFIX = 0;