[Bug 3325] Insecure dependency
http://bugzilla.spamassassin.org/show_bug.cgi?id=3325

felicity@kluge.net changed:

What |Removed |Added
----------------------------------------------------------------------------
Target Milestone|3.1.0 |3.0.0





------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 3325] Insecure dependency
http://bugzilla.spamassassin.org/show_bug.cgi?id=3325

felicity@kluge.net changed:

What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |WORKSFORME



------- Additional Comments From felicity@kluge.net 2004-04-28 14:45 -------
I can't reproduce this one either.

but I did notice -- "running setuid" ?



[Bug 3325] Insecure dependency
http://bugzilla.spamassassin.org/show_bug.cgi?id=3325





------- Additional Comments From jon@latchkey.com 2004-04-28 14:47 -------
i dunno about the setuid...i'm running spamd as root so maybe that is problem?

jon



[Bug 3325] Insecure dependency
http://bugzilla.spamassassin.org/show_bug.cgi?id=3325





------- Additional Comments From felicity@kluge.net 2004-04-28 15:25 -------
Subject: Re: Insecure dependency

On Wed, Apr 28, 2004 at 02:47:47PM -0700, bugzilla-daemon@bugzilla.spamassassin.org wrote:
> i dunno about the setuid...i'm running spamd as root so maybe that is problem?

No. Just for kicks, I tried that too, as well as setting both perl and
the script setuid. Nothing. <shrug>





[Bug 3325] Insecure dependency
http://bugzilla.spamassassin.org/show_bug.cgi?id=3325





------- Additional Comments From graham@gmurray.org.uk 2004-04-28 23:51 -------
Created an attachment (id=1927)
--> (http://bugzilla.spamassassin.org/attachment.cgi?id=1927&action=view)
Log showing insecure dependency

This is an extract from the spamd log showing insecure dependency in DNS.pm.
This is from SVN 10412



[Bug 3325] Insecure dependency
http://bugzilla.spamassassin.org/show_bug.cgi?id=3325





------- Additional Comments From graham@gmurray.org.uk 2004-04-28 23:52 -------
Created an attachment (id=1928)
--> (http://bugzilla.spamassassin.org/attachment.cgi?id=1928&action=view)
lsof of spamd showing the large number of UDP sockets

lsof output for spamd showing the large number of accumulating UDP sockets



[Bug 3325] Insecure dependency
http://bugzilla.spamassassin.org/show_bug.cgi?id=3325

graham@gmurray.org.uk changed:

What |Removed |Added
----------------------------------------------------------------------------
CC| |graham@gmurray.org.uk



------- Additional Comments From graham@gmurray.org.uk 2004-04-28 23:54 -------
I am still seeing this on Linux using perl 2.8.4 spamassassin SVN 10412 (taken
this morning). After the insecure dependency, spamd is leaving a lot of UDP
listening sockets open.



[Bug 3325] Insecure dependency
http://bugzilla.spamassassin.org/show_bug.cgi?id=3325





------- Additional Comments From graham@gmurray.org.uk 2004-04-28 23:56 -------
Sorry. Forgot to say that make test showed no errors.



[Bug 3325] Insecure dependency
http://bugzilla.spamassassin.org/show_bug.cgi?id=3325

felicity@kluge.net changed:

What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
Resolution|WORKSFORME |



------- Additional Comments From felicity@kluge.net 2004-04-29 00:04 -------
reopening.



[Bug 3325] Insecure dependency
http://bugzilla.spamassassin.org/show_bug.cgi?id=3325





------- Additional Comments From jon@latchkey.com 2004-04-29 00:25 -------
I just gotta say that you guys are being a bit hasty in closing my bugs as WFM.
Just cause I stopped using perl years ago, doesn't mean that I'm a complete idiot.

jon@apache.org
co-founder jakarta.apache.org



[Bug 3325] Insecure dependency
http://bugzilla.spamassassin.org/show_bug.cgi?id=3325





------- Additional Comments From felicity@kluge.net 2004-04-29 13:53 -------
I installed a fresh perl 5.8.4 on my linux machine today, and put just the SA dependencies on there.

I have no problems either in "make test" nor when sending messages through spamd.



[Bug 3325] Insecure dependency
http://bugzilla.spamassassin.org/show_bug.cgi?id=3325





------- Additional Comments From jon@latchkey.com 2004-04-30 13:08 -------
Updated to revision 10452.

Apr 30 13:05:47 takahe spamd[9376]: logmsg: error: Insecure dependency in eval
while running setuid at /Library/Perl/5.8.2/Mail/SpamAssassin/Dns.pm line 215._
, continuing
Apr 30 13:05:47 takahe spamd[9376]: error: Insecure dependency in eval while
running setuid at /Library/Perl/5.8.2/Mail/SpamAssassin/Dns.pm line 215._ ,
continuing




[Bug 3325] Insecure dependency
http://bugzilla.spamassassin.org/show_bug.cgi?id=3325





------- Additional Comments From jon@latchkey.com 2004-04-30 13:08 -------
and this...

Apr 30 13:05:47 takahe spamd[9376]: Failed to run __HTML_LENGTH_512 SpamAssassin
test, skipping:__(Insecure dependency in eval while running setuid at
/Library/Perl/5.8.2/Mail/SpamAssassin/EvalTests.pm line 3136, <GEN729> line 35._)
Apr 30 13:05:47 takahe spamd[9376]: Failed to run HTML_SHORT_LENGTH SpamAssassin
test, skipping:__(Insecure dependency in eval while running setuid at
/Library/Perl/5.8.2/Mail/SpamAssassin/EvalTests.pm line 3136, <GEN729> line 35._)
Apr 30 13:05:47 takahe spamd[9376]: Failed to run __HTML_LENGTH_384 SpamAssassin
test, skipping:__(Insecure dependency in eval while running setuid at
/Library/Perl/5.8.2/Mail/SpamAssassin/EvalTests.pm line 3136, <GEN729> line 35._)




[Bug 3325] Insecure dependency
http://bugzilla.spamassassin.org/show_bug.cgi?id=3325





------- Additional Comments From jon@latchkey.com 2004-05-01 03:31 -------
still seeing this one after upgrading to 5.8.4

May 1 03:28:56 takahe spamd[6296]: Failed to run __HTML_LENGTH_512 SpamAssassin
test, skipping:__(Insecure dependency in eval while running setuid at
/Library/Perl/5.8.4/Mail/SpamAssassin/EvalTests.pm line 3136, <GEN55> line 60._)
May 1 03:28:56 takahe spamd[6296]: Failed to run HTML_SHORT_LENGTH SpamAssassin
test, skipping:__(Insecure dependency in eval while running setuid at
/Library/Perl/5.8.4/Mail/SpamAssassin/EvalTests.pm line 3136, <GEN55> line 60._)
May 1 03:28:56 takahe spamd[6296]: Failed to run __HTML_LENGTH_384 SpamAssassin
test, skipping:__(Insecure dependency in eval while running setuid at
/Library/Perl/5.8.4/Mail/SpamAssassin/EvalTests.pm line 3136, <GEN55> line 60._)

...
...

May 1 03:28:58 takahe spamd[6296]: logmsg: error: Insecure dependency in eval
while running setuid at /Library/Perl/5.8.4/Mail/SpamAssassin/Dns.pm line 215._
, continuing
May 1 03:28:58 takahe spamd[6296]: error: Insecure dependency in eval while
running setuid at /Library/Perl/5.8.4/Mail/SpamAssassin/Dns.pm line 215._ ,
continuing




[Bug 3325] Insecure dependency
http://bugzilla.spamassassin.org/show_bug.cgi?id=3325





------- Additional Comments From jon@latchkey.com 2004-05-01 03:31 -------
I should add that I confirmed that SA stops processing the message after seeing
the DNS line errors.



[Bug 3325] Insecure dependency
http://bugzilla.spamassassin.org/show_bug.cgi?id=3325





------- Additional Comments From jon@latchkey.com 2004-05-01 03:40 -------
maybe this is helpful...

Dns.pm:~@215

dbg("JSS: $subtest");
dbg("JSS: $rdatastr");
print STDERR "$subtest\n";
print STDERR "$rdatastr\n";
$self->got_hit($rule, "SenderBase: ") if !$undef && eval "$subtest";


gives:

May 1 03:38:41 takahe spamd[6405]: debug: JSS: S23 > 6.2 && (time - S25 <
120*86400)
May 1 03:38:41 takahe spamd[6405]: debug: JSS: 54=-75.0103|55=39.9087
May 1 03:38:41 takahe spamd[6405]: debug: JSS: $sb{23} > 6.2 && (time - $sb{25}
< 120*86400)
May 1 03:38:41 takahe spamd[6405]: debug: JSS: 0=1|1=Comcast Cable
Communications,
Inc.|2=8.8|3=8.7|4=1359236|5=NSP|6=1060084515|7=5|8=3449520|9=31301|20=pcp03313239pcs.wchryh01.nj.|21=comcast.net|22=Y|23=8.7|24=8.9|25=1049184000|40=5.2|41=5.2|45=N|49=1.00|50=Cherry
Hill|51=NJ|52=08002|53=US|
May 1 03:38:41 takahe spamd[6405]: logmsg: error: Insecure dependency in eval
while running setuid at /Library/Perl/5.8.4/Mail/SpamAssassin/Dns.pm line 217._
, continuing
May 1 03:38:41 takahe spamd[6405]: error: Insecure dependency in eval while
running setuid at /Library/Perl/5.8.4/Mail/SpamAssassin/Dns.pm line 217._ ,
continuing




[Bug 3325] Insecure dependency
http://bugzilla.spamassassin.org/show_bug.cgi?id=3325





------- Additional Comments From jon@latchkey.com 2004-05-01 03:41 -------
yet another example:

May 1 03:41:08 takahe spamd[6405]: debug: JSS: S23 > 6.2 && (time - S25 <
120*86400)
May 1 03:41:08 takahe spamd[6405]: debug: JSS: 0=1|1=Kabel
NRW|2=6.1|3=6.1|4=480384|6=1057157881|7=120|8=40992|9=203|20=ip52.3.|21=1411k-cud12k-01.ish.de|22=Y|24=3.4|25=1049184000|40=5.3|41=4.0|45=N|49=1.00|50=Kabel|53=DE|54=7.4833|55=51.4

May 1 03:41:08 takahe spamd[6405]: debug: JSS: $sb{23} > 6.2 && (time - $sb{25}
< 120*86400)
May 1 03:41:08 takahe spamd[6405]: debug: JSS: 0=1|1=CPCNet Hong Kong
Ltd.|2=5.9|3=6.1|4=527080|6=1057244222|7=291|8=90446|9=136|20=spf2.hk.|21=outblaze.com|22=Y|23=6.7|24=7.1|25=1049184000|40=5.6|41=5.9|45=N|49=1.00|53=HK|54=114.167|55=22.25

May 1 03:41:08 takahe spamd[6405]: logmsg: error: Insecure dependency in eval
while running setuid at /Library/Perl/5.8.4/Mail/SpamAssassin/Dns.pm line 217._
, continuing
May 1 03:41:08 takahe spamd[6405]: error: Insecure dependency in eval while
running setuid at /Library/Perl/5.8.4/Mail/SpamAssassin/Dns.pm line 217._ ,
continuing




[Bug 3325] Insecure dependency
http://bugzilla.spamassassin.org/show_bug.cgi?id=3325





------- Additional Comments From jon@latchkey.com 2004-05-01 03:48 -------
some messages go through ok...

May 1 03:47:35 takahe spamd[6503]: debug: JSS: $sb{23} > 6.2 && (time - $sb{25}
< 120*86400)
May 1 03:47:35 takahe spamd[6503]: debug: JSS: 0=1|1=Comcast Cable
Communications,
Inc.|2=8.8|3=8.7|4=1359236|5=NSP|6=1060084515|7=5|8=3449520|9=31301|20=c-24-15-145-117.client.|21=comcast.net|22=Y|23=8.7|24=8.9|25=1049184000|40=6.0|41=5.6|45=N|49=1.00

May 1 03:47:35 takahe spamd[6503]: debug: JSS: $sb{23} > 6.2 && (time - $sb{25}
< 120*86400)
May 1 03:47:35 takahe spamd[6503]: debug: JSS: 0=1|1=Webster Computer
Corporation Pty.
Ltd.|2=4.6|3=4.5|4=516839|6=1054652283|7=30|8=46592|9=13|20=fresnel.|21=cliq.org|23=3.4|24=3.4|25=1049184000|41=1.2|45=N|49=1.00|50=Berkeley|51=CA|52=94709|53=US|54=-122.266|55=37.8798

May 1 03:47:35 takahe spamd[6503]: debug: JSS: $sb{23} > 6.2 && (time - $sb{25}
< 120*86400)
May 1 03:47:35 takahe spamd[6503]: debug: JSS: 0=1|1=Webster Computer
Corporation Pty.
Ltd.|2=4.6|3=4.5|4=516839|6=1054652283|7=30|8=46592|9=13|20=feynman.|21=cliq.org|22=Y|23=3.4|24=3.4|25=1049184000|40=3.5|41=3.4|45=N|49=1.00|50=Berkeley|51=CA|52=94709|53=US|54=-122.266|55=37.8798

May 1 03:47:35 takahe spamd[6503]: debug: URIDNSBL: queries completed: 0
started: 0
May 1 03:47:35 takahe spamd[6503]: debug: URIDNSBL: queries active: NS=1 at Sat
May 1 03:47:35 2004




[Bug 3325] Insecure dependency
http://bugzilla.spamassassin.org/show_bug.cgi?id=3325





------- Additional Comments From jon@latchkey.com 2004-05-01 04:30 -------
more debugging:

seems to work fine:

May 1 04:23:20 takahe spamd[6676]: debug: JSS subtest: S23 > 6.2 && (time - S25
< 120*86400)
May 1 04:23:20 takahe spamd[6676]: debug: JSS rdatastr: 0=1|1=Naval Education
and Training Program
Management|2=4.3|3=4.5|4=528552|6=1054651958|8=262400|9=10|45=N|49=1.00|50=Pensacola|51=FL|52=32509|53=US|54=-87.3403|55=30.4643

May 1 04:23:20 takahe spamd[6676]: debug: JSS rule: SENDERBASE_NEW_BULK
May 1 04:23:20 takahe spamd[6676]: debug: JSS subtest: $sb{23} > 6.2 && (time -
$sb{25} < 120*86400)
May 1 04:23:20 takahe spamd[6676]: debug: JSS rdatastr:
0=1|1=Zocalo|2=5.4|3=5.3|4=217612|6=1057244183|7=48|8=59656|9=31|20=share.|21=whichever.com|22=Y|23=2.7|24=3.2|25=1049184000|40=3.2|41=3.0|45=N|49=1.00|50=Berkeley|51=CA|52=94709|53=US|54=-122.266|55=37.8798

May 1 04:23:20 takahe spamd[6676]: debug: JSS rule: SENDERBASE_NEW_BULK
May 1 04:23:20 takahe spamd[6676]: debug: JSS subtest: S23 > 6.2 && (time - S25
< 120*86400)
May 1 04:23:20 takahe spamd[6676]: debug: JSS rdatastr: 54=-71.4594|55=42.4464
May 1 04:23:20 takahe spamd[6676]: debug: JSS rule: SENDERBASE_NEW_BULK
May 1 04:23:20 takahe spamd[6676]: debug: JSS subtest: $sb{23} > 6.2 && (time -
$sb{25} < 120*86400)
May 1 04:23:20 takahe spamd[6676]: debug: JSS rdatastr: 0=1|1=Comcast Cable
Communications Holdings,
Inc|2=8.2|3=8.2|4=1566970|6=1060084515|7=35|8=1834972|9=9681|20=h00402b32aec5.ne.client2.|21=attbi.com|22=Y|23=8.1|24=8.3|25=1049184000|40=5.9|41=4.4|45=N|49=1.00|50=Chelmsford|51=MA|52=01824|53=US|

May 1 04:23:20 takahe spamd[6676]: debug: JSS rule: SENDERBASE_NEW_BULK


doesn't seem to work:

May 1 04:25:15 takahe spamd[6676]: debug: JSS subtest: $sb{23} > 6.2 && (time -
$sb{25} < 120*86400)
May 1 04:25:15 takahe spamd[6676]: debug: JSS rdatastr: 0=1|1=CollabNet,
Inc.|2=6.7|3=6.6|4=114359|6=1057244176|7=7|8=3168|9=25|20=daedalus.|21=apache.org|22=Y|23=6.4|24=6.5|25=1049184000|40=6.5|41=6.4|45=N|49=1.00|50=Brisbane|51=CA|52=94005|53=US|54=-122.404|55=37.6892

May 1 04:25:15 takahe spamd[6676]: debug: JSS rule: SENDERBASE_NEW_BULK
May 1 04:25:15 takahe spamd[6676]: logmsg: error: Insecure dependency in eval
while running setuid at /Library/Perl/5.8.4/Mail/SpamAssassin/Dns.pm line 218._
, continuing
May 1 04:25:15 takahe spamd[6676]: error: Insecure dependency in eval while
running setuid at /Library/Perl/5.8.4/Mail/SpamAssassin/Dns.pm line 218._ ,
continuing





[Bug 3325] Insecure dependency
http://bugzilla.spamassassin.org/show_bug.cgi?id=3325





------- Additional Comments From jon@latchkey.com 2004-05-01 04:38 -------
i was able to stop the pain of the HTML rule related errors by saying:

score HTML_SHORT_COMMENT 0
score HTML_SHORT_LENGTH 0
score __HTML_LENGTH_384 0
score __HTML_LENGTH_512 0




[Bug 3325] Insecure dependency
http://bugzilla.spamassassin.org/show_bug.cgi?id=3325





------- Additional Comments From jon@latchkey.com 2004-05-01 05:28 -------
I can fix all of the errors I get by doing this...

score HTML_SHORT_COMMENT 0
score HTML_SHORT_LENGTH 0
score __HTML_LENGTH_384 0
score __HTML_LENGTH_512 0
score SENDERBASE_NEW_BULK 0

seems like there is something wrong with those rules.



[Bug 3325] Insecure dependency
http://bugzilla.spamassassin.org/show_bug.cgi?id=3325





------- Additional Comments From felicity@kluge.net 2004-05-01 12:24 -------
I don't think it matters, but just to check: what version of Net::DNS do you
have installed?


I've been digging around and can't see where any tainted data could be though:

S23 > 6.2 && (time - S25 < 120*86400)

the whole string is from the config, which gets detainted when it's read in. it
gets converted to the eval:

$sb{23} > 6.2 && (time - $sb{25} < 120*86400)

which would still be untainted as a whole. %sb is untainted at creation time.
so unless something magically gets tainted, or time is considered tainted (which
would break a hell of a lot more code) ...



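The taint reasoning in the comment above (config string detainted on read, rewritten into the "$sb{23} > 6.2 && ..." form, then handed to a string eval) and the eval "$subtest" debugging earlier in the thread are easier to follow with a runnable illustration. The script below is an added example, not SpamAssassin's code: %sb, the rule template and the "untrusted" value are constructed stand-ins, and report_taint, guarded_eval and detaint_expr are names chosen here. It has to be run as `perl -T taint_eval_demo.pl`; under an explicit -T the error reads "Insecure dependency in eval while running with -T switch", whereas the spamd log says "while running setuid" because perl switches taint checks on by itself when the effective and real uids differ, which is the point of the "running setuid?" question earlier in the thread.

```perl
#!/usr/bin/perl -T
# Added example; this is not SpamAssassin's code.
# Run with taint checking on:  perl -T taint_eval_demo.pl
#
# Shows the failure class from the bug report: perl refuses a string eval
# whose source is tainted. It also shows the three facts a diagnosis
# needs: taint is contagious through interpolation, Scalar::Util::tainted()
# tells you which variable carries it, and only a whitelist regex capture
# clears it.
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Constructed stand-ins for the parsed record and the rule config.
# Literals written in the program are never tainted. Declared before the
# subs so the string evals inside guarded_eval can see %sb.
my %sb = (23 => 8.7, 25 => 1049184000);
my $template = 'S23 > 6.2 && (time - S25 < 120*86400)';

# Print the taint flag of each named value: the check that would pinpoint
# the culprit when a log shows the right-looking strings but eval still dies.
sub report_taint {
    my (%vars) = @_;
    for my $name (sort keys %vars) {
        printf "  %-10s tainted=%d  %s\n",
            $name, tainted($vars{$name}) ? 1 : 0, $vars{$name};
    }
}

# Run a string eval the way spamd wraps it: an outer eval block turns the
# fatal taint error into a message and the program continues.
sub guarded_eval {
    my ($expr) = @_;
    my $result = eval { my $v = eval $expr; die $@ if $@; $v };
    return $@ ? "ERROR: $@"
              : "result=" . (defined $result ? "'$result'" : 'undef');
}

# Only characters of the tiny expression language are allowed; anything
# else is rejected rather than detainted. The safety comes from the
# whitelist, not from the capture itself.
sub detaint_expr {
    my ($s) = @_;
    return $s =~ /\A([\d\s.<>=!&|()*+\-\/]+)\z/ ? $1 : undef;
}

# Rewrite the config form into the eval form seen in the thread's log.
(my $subtest = $template) =~ s/S(\d+)/\$sb{$1}/g;

# A constructed untrusted value. Under -T every %ENV value is tainted;
# appending a zero-length slice of one keeps the text but sets the flag,
# which is what data read from DNS or a socket looks like to perl.
my $untrusted = '23 > 6.2' . substr($ENV{PATH} || '', 0, 0);

print "1) clean expression, eval runs\n";
report_taint(subtest => $subtest);
print "   ", guarded_eval($subtest), "\n";

print "2) one tainted fragment interpolated: the whole string is tainted\n";
my $mixed = "$subtest && ($untrusted)";
report_taint(untrusted => $untrusted, mixed => $mixed);
print "   ", guarded_eval($mixed), "\n";

print "3) detaint by whitelist capture, then eval runs again\n";
my $safe = detaint_expr($untrusted);
if (defined $safe) {
    my $rebuilt = "$subtest && ($safe)";
    report_taint(safe => $safe, rebuilt => $rebuilt);
    print "   ", guarded_eval($rebuilt), "\n";
} else {
    print "   rejected: input has characters outside the whitelist\n";
}
```

Step 2 is the interesting one for this bug: the subtest string itself can be clean, and a single tainted piece concatenated into it is enough to make eval die. Calling tainted() on $subtest, $rdatastr and each %sb value at the point of the eval (rather than printing their text, which looks identical either way) is the quickest way to settle the "where could tainted data come from" question raised above.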
[Bug 3325] Insecure dependency
http://bugzilla.spamassassin.org/show_bug.cgi?id=3325





------- Additional Comments From jon@latchkey.com 2004-05-01 12:33 -------
cpan> m Net::DNS
CPAN: Storable loaded ok
Going to read /var/root/.cpan/Metadata
Database was generated on Fri, 30 Apr 2004 15:01:24 GMT
LWP not available
CPAN: Net::FTP loaded ok
Fetching with Net::FTP:
ftp://archive.progeny.com/CPAN/authors/01mailrc.txt.gz
Going to read /var/root/.cpan/sources/authors/01mailrc.txt.gz
LWP not available
Fetching with Net::FTP:
ftp://archive.progeny.com/CPAN/modules/02packages.details.txt.gz
Going to read /var/root/.cpan/sources/modules/02packages.details.txt.gz
Database was generated on Sat, 01 May 2004 10:59:56 GMT
HTTP::Date not available
LWP not available
Fetching with Net::FTP:
ftp://archive.progeny.com/CPAN/modules/03modlist.data.gz
Going to read /var/root/.cpan/sources/modules/03modlist.data.gz
Going to write /var/root/.cpan/Metadata
Module id = Net::DNS
DESCRIPTION Interface to the DNS resolver
CPAN_USERID CREIN (Chris Reinhardt <cpan@triv.org>)
CPAN_VERSION 0.47
CPAN_FILE C/CR/CREIN/Net-DNS-0.47.tar.gz
DSLI_STATUS RmhO (released,mailing-list,hybrid,object-oriented)
MANPAGE Net::DNS - Perl interface to the DNS resolver
INST_FILE /Library/Perl/5.8.4/darwin/Net/DNS.pm
INST_VERSION 0.47


cpan> install Net::DNS
Net::DNS is up to date.




[Bug 3325] Insecure dependency
http://bugzilla.spamassassin.org/show_bug.cgi?id=3325





------- Additional Comments From jon@latchkey.com 2004-05-01 12:35 -------
I should add that I'm now using a cleanly installed perl 5.8.4.

I have removed all previous traces of OSX's perl installation.

I have run CPAN's install on all of the dependencies required in the SA README
to confirm that everything is up-to-date.




[Bug 3325] Insecure dependency
http://bugzilla.spamassassin.org/show_bug.cgi?id=3325





------- Additional Comments From jon@latchkey.com 2004-05-01 12:38 -------
I just noticed the line from CPAN...

HTTP::Date not available

so, I just installed that (via: libwww-perl-5.79) as well.

It isn't listed as a SA requirement though.


