SA Bugzilla – Bug 7510
Virtual Config dir: Insecure dependency in mkdir while running with -T switch
Last modified: 2018-08-28 23:46:22 UTC
Currently moving to a new Server with newer OS, Perl and SpamAssassin Version. From: Ubuntu 14.04.5 LTS Perl 5.18.2 SpamAssassin version 3.4.0 To: Ubuntu 16.04.3 LTS Perl 5.22.1 SpamAssassin version 3.4.1 /etc/default/spamassassin OPTIONS="-u spamd -D --create-prefs -m5 --virtual-config-dir=/var/opt/spamd/%u -x --daemonize --max-children 5" The above Options worked fine on the old Server, on the new Server i get a Perl error during creating the Folders for the User directories. Could not find anyone with the same problem, bug or a config error on my side? /var/opt/spamd exists rights should also be fine. Part from the Log: (Recipient address was office@domain.tld) spamd[1468]: spamd: using default config for office: /var/opt/spamd/office/user_prefs spamd[1468]: info: user has changed spamd[1468]: bayes: learner_new self=Mail::SpamAssassin::Plugin::Bayes=HASH(0x3065950), bayes_store_module=Mail::SpamAssassin::BayesStore::DBM spamd[1468]: bayes: learner_new: got store=Mail::SpamAssassin::BayesStore::DBM=HASH(0x35da948) spamd[1468]: config: using "/var/opt/spamd/office" for user state dir spamd[1468]: config: mkdir /var/opt/spamd/office failed: Insecure dependency in mkdir while running with -T switch at /usr/share/perl/5.22/File/Path.pm line 136, <GEN17> line 2. spamd[1468]: bayes: no dbs present, cannot tie DB R/O: /var/opt/spamd/office/bayes_toks spamd[1468]: config: score set 1 chosen. spamd[1468]: spamd: running as uid 1001 spamd[1468]: config: time limit 300.0 s spamd[1468]: message: line ending changed to CRLF spamd[1468]: message: main message type: text/plain spamd[1468]: spamd: processing message (unknown) for office:1001 spamd[1468]: check: pms new, time limit in 299.978 s spamd[1468]: bayes: no dbs present, cannot tie DB R/O: /var/opt/spamd/office/bayes_toks Has anyone seen this before? Thanks, Mathias
I think perhaps the newer perl is more strict (or accurate) on a taint issue? What happens if you make the directory? Something like this might be in order in spamd to untaint the dir: if (mkdir untaint($spam_conf_dir), 0700) { That something you can modify and test to give feedback? regards, KAM
No feedback from reporter