Bug: Calling mailnotify gives a taint error in Perl
Calling mailnotify results in the error messageInsecure dependency in connect while running with -T switch at /usr/lib/perl5/5.8.1/i586-linux-thread-multi/IO/Socket.pm line 114.This is at the
connect() to SMTPHOST.
The strange thing: mailnotify worked a few days ago. Perl was not upgraded. I don't know why this error suddenly appears and wasn't there previously.
Test case
Environment
| TWiki version: | TWikiRelease02Sep2004 |
| TWiki plugins: | DefaultPlugin, EmptyPlugin, InterwikiPlugin |
| Server OS: | SuSE 9.0 |
| Web server: | Apache 1.3.28-77 |
| Perl version: | 5.8.1 |
| Client OS: | |
| Web Browser: |
Impact and Available Solutions
Follow up
This also happens when one registers a new account on a freshly installed TWiki, using TWikiRegistrationPub. That registration wants to send an email and runs into the same error. -- JoachimSchrod - 12 Oct 2005Fix record
- Net.pm.diff untaints
$mailHost.
Discussion
| ChangeProposalForm | |
|---|---|
| TopicClassification | BugReport |
| TopicSummary | Calling mailnotify gives a taint error in Perl |
| CurrentState | UnderInvestigation |
| OutstandingIssues | |
| RelatedTopics | TWikiPatches |
| InterestedParties | |
| ProposedFor | |
| TWikiContributors | |
| I | Attachment | Action | Size | Date | Who | Comment |
|---|---|---|---|---|---|---|
 diff |
Net.pm.diff | manage | 0.7 K | 2005-06-15 - 09:34 | JoachimSchrod |
Edit | Attach | Print version | History: r2 < r1 | Backlinks | Raw View | Raw edit | More topic actionsTopic revision: r2 - 2005-10-12 - JoachimSchrod
Home 
Site map
Blog web
Create New Topic
Index
Search
Advanced search
My topics of interest
Changes
Major changes only
All tags
Notifications
RSS Feed
Statistics
Preferences
Community 
Readme first
Developers News
How you can help
Community roles
#twiki IRC
Jerusalem Release
Feature Proposals
Bugs Changes
Categories 
Account 
Ideas, requests, problems regarding TWiki? Send feedback. Ask community in the support forum.Copyright © 1999-2012 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.