ports/177416: mail/postgrey has surfaced a bug in perl's taint checking

Paul Beard paulbeard at gmail.com
Fri Jun 21 20:51:05 UTC 2013 

On Jun 21, 2013, at 1:30 PM, Philip Paeps <philip at freebsd.org> wrote:

> One way to fix this would be to look for every port that depends on
> p5-Getopt-Long and make that dependency conditional on versions of perl
> which don't have a bundled Getopt::Long.  But perhaps there is a more
> elegant way?

I thought I might test this. 

[root at shuttle /usr/ports/devel/p5-Getopt-Long]# service postgrey status
postgrey is running as pid 62138.
[root at shuttle /usr/ports/devel/p5-Getopt-Long]# service postgrey stop
Stopping postgrey.
Waiting for PIDS: 62138.
[root at shuttle /usr/ports/devel/p5-Getopt-Long]# make install 
[…]
postgrey --inet 10023 --pidfile=/var/run/postgrey.pid --user=postgrey --group=postgrey        --dbdir=/var/db/postgrey 
2013/06/21-13:39:38 postgrey (type Net::Server::Multiplex) starting! pid(63376)
Resolved [localhost]:10023 to [::1]:10023, IPv6
Resolved [localhost]:10023 to [::1]:10023, IPv6
Resolved [localhost]:10023 to [127.0.0.1]:10023, IPv4
Resolved [localhost]:10023 to [127.0.0.1]:10023, IPv4
Duplicate configuration (TCP) on [::1]:10023 with IPv6) - skipping
Duplicate configuration (TCP) on [127.0.0.1]:10023 with IPv4) - skipping
Binding to TCP port 10023 on host ::1 with IPv6
Insecure dependency in socket while running with -T switch at /usr/local/lib/perl5/5.14/mach/IO/Socket.pm line 80.
[root at shuttle /usr/ports/devel/p5-Getopt-Long]# make deinstall clean 
===>  Deinstalling for devel/p5-Getopt-Long
===>   Deinstalling p5-Getopt-Long-2.39
===>  Cleaning for p5-Getopt-Long-2.39
[root at shuttle /usr/ports/devel/p5-Getopt-Long]# postgrey --inet 10023 --pidfile=/var/run/postgrey.pid --user=postgrey --group=postgrey        --dbdir=/var/db/postgrey 
2013/06/21-13:39:54 postgrey (type Net::Server::Multiplex) starting! pid(63434)
Resolved [localhost]:10023 to [::1]:10023, IPv6
Resolved [localhost]:10023 to [::1]:10023, IPv6
Resolved [localhost]:10023 to [127.0.0.1]:10023, IPv4
Resolved [localhost]:10023 to [127.0.0.1]:10023, IPv4
Duplicate configuration (TCP) on [::1]:10023 with IPv6) - skipping
Duplicate configuration (TCP) on [127.0.0.1]:10023 with IPv4) - skipping
Binding to TCP port 10023 on host ::1 with IPv6
Insecure dependency in socket while running with -T switch at /usr/local/lib/perl5/5.14/mach/IO/Socket.pm line 80.

postgrey --unix=/var/run/postgrey.sock --pidfile=/var/run/postgrey.pid --user=postgrey --group=postgrey        --dbdir=/var/db/postgrey 
2013/06/21-13:42:10 postgrey (type Net::Server::Multiplex) starting! pid(63698)
Binding to UNIX socket file "/var/run/postgrey.sock"
Setting gid to "225 225"
Setting uid to "225"

So it looks like I still can't get it to work with a socket (I wish I had tried before the install/deinstall of Getopt-Long). 

As I have no inbound mail service (thx, Comcast), it's no longer an issue for me. 

--
Paul Beard

This space intentionally left blank.

More information about the freebsd-ports-bugs mailing list