Date: Fri, 21 Jun 2013 23:13:23 +0200 From: Philip Paeps <philip@freebsd.org> To: Paul Beard <paulbeard@gmail.com> Cc: freebsd-ports-bugs@FreeBSD.org Subject: Re: ports/177416: mail/postgrey has surfaced a bug in perl's taint checking Message-ID: <20130621211323.GB36696@rincewind.paeps.cx> In-Reply-To: <34DD4198-DEEF-4FB5-A613-D521D6B707A8@gmail.com> References: <201304031610.r33GA1MP005384@freefall.freebsd.org> <20130621203055.GA36696@rincewind.paeps.cx> <34DD4198-DEEF-4FB5-A613-D521D6B707A8@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2013-06-21 13:51:01 (-0700), Paul Beard <paulbeard@gmail.com> wrote: > On Jun 21, 2013, at 1:30 PM, Philip Paeps <philip@freebsd.org> wrote: > > One way to fix this would be to look for every port that depends on > > p5-Getopt-Long and make that dependency conditional on versions of perl > > which don't have a bundled Getopt::Long. But perhaps there is a more > > elegant way? > > I thought I might test this. It worked for me[tm]. :-) > So it looks like I still can't get it to work with a socket (I wish I > had tried before the install/deinstall of Getopt-Long). I only tried with a UNIX socket, not with an INET socket, but the culprit is likely the same: Socket.pm is pulling in some other module that taints what its passing to the socket call. Unfortunately, I don't seem to have a Perl module on my system causing it to fail anymore (after getting rid of Getopt::Long). One thing you could do though, is find foo.pm files in site_perl which also exist in perl/5.14. The problem is caused by Socket.pm picking up something from site_perl instead of the same something bundled with Perl. > As I have no inbound mail service (thx, Comcast), it's no longer an > issue for me. Thanks for testing though! - Philip -- Philip Paeps Senior Reality Engineer Ministry of Information
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130621211323.GB36696>