subject:"\[Bug 7510\] Virtual Config dir\: Insecure dependency in mkdir while running with \-T switch"

[Bug 7510] Virtual Config dir: Insecure dependency in mkdir while running with -T switch

2018-08-28 Thread bugzilla-daemon

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7510

Kevin A. McGrail  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |INVALID

--- Comment #2 from Kevin A. McGrail  ---
No feedback from reporter

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 7510] Virtual Config dir: Insecure dependency in mkdir while running with -T switch

2017-11-30 Thread bugzilla-daemon

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7510

Kevin A. McGrail  changed:

   What|Removed |Added

 CC||kmcgr...@apache.org

--- Comment #1 from Kevin A. McGrail  ---
I think perhaps the newer perl is more strict (or accurate) on a taint issue?

What happens if you make the directory?

Something like this might be in order in spamd to untaint the dir:

if (mkdir untaint($spam_conf_dir), 0700) {

That something you can modify and test to give feedback?

regards,
KAM

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 7510] Virtual Config dir: Insecure dependency in mkdir while running with -T switch

[Bug 7510] Virtual Config dir: Insecure dependency in mkdir while running with -T switch

2 matches

Site Navigation

Mail list logo

Footer information