Question
After solving several problems with help from the great Twiki community, my basic installation worked all right. The next thing I started to change was Access Control and User Authentication. If I block /twiki/bin completely, I have to log in before getting anywhere near twiki. So that's ok. (Even though this is not what I am aiming at. I would like to give read and write access depending on the web, but I haven't figured it out yet. If I change the httpd.conf and set the webpreferences, I never get the login-pop up window and therefore can not edit, even though I'm in the allowwebview list. But this would need another support question topic...) After that I try to register another user in the Twiki Registration, I get the following Error message: Insecure dependency in connect while running with -T switch at /usr/lib/perl5/5.8.5/cygwin-thread-multi-64int/IO/Socket.pm line 114. I checked other Support Questions and read through RegisterFailureInsecureDependencyCygwin, RegisterFailureInsecureDependency, ServerErrorDuringRegistration, ApacheUpgradeTaintError . But I only understand that other people had the same problem in different surroundings. I don't see how I can fix my problem with the hints given there. (My perl kowledge is not existing. though I do know shell script and C and others.) In the Twiki Preferences I don't recall changing anything but the WIKIWEBMASTER email address. If you need me to attach more files, please let me know.Environment
Additional Information
I tried to change SMTPMAILHOST from mail to empty within the TWiki Web Preferences (see RegisterFailureInsecureDependency). This gets me to a different problem when registering a new user:Send Mail Error The e-mail could not be delivered. Please notify your administrator, judit.mays@somewhere.de ERROR: Can't send mail using TWiki::mailProgramNow I get a new and correct entry in TWikiUsers, but no mail is sent to the new user.
And the password is not saved into ../data/.htpasswd . Therefore this new user can't log in. I checked some other topics and I found that...
- ...under Windows Net::SMTP should be used (comment in TWiki.cfg) and
- ...this should be done by editing SMTPMAILHOST in TWikiWebPreferences.
- ...change SMTPMAILHOST to empty
Answer
I don't think setting SMTPMAILHOST to empty is the best way to fix the insecure dependency problem... Could it be that the permissions on the directory containing CPAN:Net::SMTP
are wrong? Try doing perldoc -m Net::SMTP to get path, and also check output of perl -e 'use Net::SMTP; print (join "\n", %INC) ' (shows actual paths used to load modules).
-- RichardDonkin - 09 Mar 2005
@command lines ok, I executed both these commands but I have to admit I don't no what I get here. So I attach both output files, hoping you might help. @permissions
since I don't know which permissions would be right, I just checked them and put them here, so you may please judge on it: every single directory from
cygwin/ down to Net/ in this path /c/cygwin/lib/perl5/5.8.5/Net has the same permissions: drwx------. The file SMTP.pm within Net/ has the permission -rwx------. (user is twiki and group is Users)
@SMTPMAILHOST I put the value back to
mail.my.company since this is recommended in the windows install cookbook.
@tainting I tried to remove the
T in the first line of the register script. Then, registration worked just fine. An email was sent. But there was no entry of the password into data/.htpasswd for the new user. (So to me it seems, as if the above file and directory permissions shouldn't be a problem, right?)
-- JuditMays - 09 Mar 2005
Now, with removing the T in the register script the registration email is sent and the password is encrypted and written into the data/.htpasswd file. I am not aware of changing anything else...
Would removing the T for good (and so disabling the taint checking) be a very big security issue, if my twiki runs behind corporate firewalls? If the risk holds only for free accessible twikis, then I would not need the taint checking, and therefore my problem would be resolved. Could someone please recommend on this T ? Thanks a lot!
-- JuditMays - 22 Mar 2005
The -T option controls TaintChecking, which is always a good idea, but can be removed if you are happy you only have friendly users behind your firewall (big assumption) or (much better) authenticate every use of TWiki including view, search, etc. In practice, -T is more for developers and installers (e.g. pointing out insecure permissions on paths used to run programs).
-- RichardDonkin - 24 Mar 2005
| I | Attachment | History | Action | Size | Date | Who | Comment |
|---|---|---|---|---|---|---|---|
 cfg |
TWiki.cfg | r1 | manage | 23.4 K | 2005-02-22 - 16:01 | UnknownUser | Twiki config file |
 txt |
TWikiPreferences.txt | r1 | manage | 18.3 K | 2005-02-22 - 16:02 | UnknownUser | twiki preferences |
| conf |
httpd.conf | r2 r1 | manage | 35.7 K | 2005-03-08 - 19:49 | UnknownUser | apache config file |
| txt |
output_perl-euseNetSMTP.txt | r1 | manage | 20.5 K | 2005-03-09 - 11:28 | UnknownUser | perl -e 'use Net::SMTP; print (join "\n", %INC) ' > file |
| txt |
output_perldoc-mNetSMTP.txt | r1 | manage | 1.2 K | 2005-03-09 - 11:28 | UnknownUser | perldoc -m Net::SMTP > file |
 htm |
testenv.htm | r1 | manage | 13.8 K | 2005-02-22 - 16:02 | UnknownUser | testenv output |
Topic revision: r8 - 2005-05-01 - PeterThoeny
Site map
Blog web
Search
Changes
RSS Feed
Notifications
Statistics
Preferences
Register new user
Support Forum 
Ask a question
Open questions 
My recent questions
Get quick help in #twiki IRC channel
Ideas, requests, problems regarding TWiki? Send feedback. Ask community in the support forum.Copyright © 1999-2026 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.