spamd running with virtual-config-dir mkdir error
| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| SpamAssassin | Fix Released | High | | |
| spamassassin (Debian) | New | Unknown | | |
| spamassassin (Ubuntu) | Fix Released | Medium | Unassigned | |
| Bionic | Won't Fix | Medium | Unassigned | |
| Focal | Fix Released | Medium | Mitchell Dzurick | |
| Impish | Won't Fix | Medium | Unassigned | |
| Jammy | Fix Released | Medium | Mitchell Dzurick | |
| Kinetic | Fix Released | Undecided | Mitchell Dzurick | |
| Lunar | Fix Released | Medium | Unassigned | |
Bug Description
[ Impact ]
The vconfig path could be tainted which would cause an error. This upload fixes that by untainting the path. This is done by a helper function to modify the path before attempting to use it.
This bug is low priority but is still helpful for certain users as it's easy to reproduce.
[ Where problems could occur ]
The only change here is to use a helper function Mail::SpamAssas
[Test Plan]
In a terminal, run:
$ sudo apt-get install spamassassin
$ sudo spamd -d --pidfile=
ll -u debian-spamd -g debian-spamd --max-children=5 --min-children=3 --max-spare=3 -D
$ cat > test.mbox <<EOF
From: test
To: test
Subject: test
test
EOF
$ spamc < test.mbox
$ sudo grep vconfig/ /var/log/mail.log
In the bugged case, the first terminal will show output like:
Jun 24 20:48:11 host spamd[1801774]: spamd: using default config for username: /var/lib/
Jun 24 20:48:11 host spamd[1801774]: config: using "/var/lib/
Jun 24 20:48:11 host spamd[1801774]: config: mkdir /var/lib/
In the fixed case, that last line won't be printed.
[Original Report]
Hi,
I'm installing our new relay and as before I'm running spamd with --virtual-
"spamd -d --pidfile=
It works well but it cannot create the vconfig dir if it's not existing.
I've put spamd in debug and the problem is with perl tainted:
config: mkdir /var/lib/
I solved the problem running spamd without -T option (as arch linux is doing) but it could be great to fix this tainted variable.
Thanks
Giuseppe
PS: I reported the same bug to spamassassin bugtracking with ID 7646
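The failure and the fix described above can be reproduced in isolation. The following is an added example, not code from SpamAssassin or from the Ubuntu patch: the helper name `untaint_vconfig_path` and its allowlist pattern are assumptions made for illustration, and the user names are constructed sample input.

```perl
#!/usr/bin/perl -T
# Added illustration, not SpamAssassin code. Run with: perl -T untaint_demo.pl
use strict;
use warnings;
use File::Path qw(make_path);
use File::Temp qw(tempdir);
use Scalar::Util qw(tainted);

# Hypothetical helper: build the per-user directory from a trusted base and
# an externally supplied user name. Only a regex capture clears the taint
# flag, so the pattern is a strict allowlist rather than /(.*)/.
sub untaint_vconfig_path {
    my ($base, $user) = @_;
    # The first character must be alphanumeric, which rejects ".", ".." and
    # the empty string; "/" is not in the class, so no traversal.
    return unless defined $user
        && $user =~ /\A([A-Za-z0-9][A-Za-z0-9._-]{0,63})\z/;
    return "$base/$1/";
}

# Constructed input: appending an empty slice of $^X (tainted under -T)
# taints each name, standing in for an externally supplied user name.
my $taint = substr($^X, 0, 0);
my @users = map { $_ . $taint } ('giuseppe', '../../etc', 'a/b', '');

my $base = tempdir(CLEANUP => 1);    # program-chosen base, not tainted

# Unfixed behaviour: taint propagates through interpolation, and mkdir
# inside File::Path dies instead of creating the directory.
my $raw = "$base/$users[0]/";
print "raw path tainted: ", (tainted($raw) ? "yes" : "no"), "\n";
eval { make_path($raw); 1 } or print "raw make_path died: $@";

# Fixed behaviour: validate, untaint, then create.
for my $user (@users) {
    my $safe = untaint_vconfig_path($base, $user);
    if (!defined $safe) {
        print "rejected '$user'\n";
        next;
    }
    make_path($safe);
    printf "created %s (tainted: %s)\n", $safe, tainted($safe) ? "yes" : "no";
}
```

Only `giuseppe` passes the allowlist; the other three names are rejected before any filesystem call. Keeping `-T` enabled and validating the value is what preserves the protection, whereas a catch-all capture or dropping `-T` removes it.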
Related branches
- Lena Voytek (community): Approve
- Canonical Server Reporter: Pending requested
- Diff: 50 lines (+28/-0), 3 files modified
  - debian/changelog (+7/-0)
  - debian/patches/fix-mkpath-untainted.patch (+20/-0)
  - debian/patches/series (+1/-0)
Changed in spamassassin:
importance: Unknown → High
status: Unknown → Confirmed
Changed in spamassassin (Debian):
status: Unknown → New
Changed in spamassassin:
status: Confirmed → Fix Released
description: updated
description: updated
tags: added: patch
description: updated
Changed in spamassassin (Ubuntu Kinetic):
assignee: nobody → Mitchell Dzurick (mitchdz)
Changed in spamassassin (Ubuntu Jammy):
assignee: nobody → Mitchell Dzurick (mitchdz)
Changed in spamassassin (Ubuntu Focal):
assignee: nobody → Mitchell Dzurick (mitchdz)
Changed in spamassassin (Ubuntu Kinetic):
status: New → Incomplete
status: Incomplete → In Progress
Changed in spamassassin (Ubuntu Jammy):
status: Triaged → In Progress
Hi,
I'm installing our new relay and as before I'm running spamd with --virtual-config-dir option enabled:
"spamd -d --pidfile=/var/run/spamd.pid -c -x --virtual-config-dir=/var/lib/spamassassin/vconfig/%u/ --allow-tell -u debian-spamd -g debian-spamd --max-children=5 --min-children=3 --max-spare=3"
It works well but it cannot create the vconfig dir if it's not existing.
I've put spamd in debug and the problem is with perl tainted:
config: mkdir /var/lib/spamassassin/vconfig/giuseppe/ failed: Insecure dependency in mkdir while running with -T switch at /usr/share/perl/5.26/File/Path.pm line 177, <GEN10> line 2.
I solved the problem running spamd without -T option (as arch linux is doing) but it could be great to fix this tainted variable.
Thanks
Giuseppe