You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@spamassassin.apache.org by pgndev <pg...@gmail.com> on 2016/06/14 18:17:53 UTC
sa-update taint-mode error: "Insecure dependency in require while
running with -T switch at ..."?
I've installed a new instance of SA
spamassassin -V
SpamAssassin version 3.4.1
running on Perl version 5.18.2
module_info Mail::SpamAssassin Mail::SPF
Name: Mail::SpamAssassin
Version: 3.004001
Directory: /usr/lib/perl5/site_perl/5.18.2
File: /usr/lib/perl5/site_perl/5.18.2/Mail/SpamAssassin.pm
Core module: no
When I exec
sa-update -D
it fails
Insecure dependency in require while running with -T switch at
/usr/lib/perl5/site_perl/5.18.2/Net/DNS/Resolver/Base.pm line 570.
BEGIN failed--compilation aborted at
/usr/lib/perl5/site_perl/5.18.2/Net/DNS/Resolver/Base.pm line 570.
Compilation failed in require at
/usr/lib/perl5/site_perl/5.18.2/base.pm line 100.
...propagated at /usr/lib/perl5/site_perl/5.18.2/base.pm line 109.
BEGIN failed--compilation aborted at
/usr/lib/perl5/site_perl/5.18.2/Net/DNS/Resolver/UNIX.pm line 18.
Compilation failed in require at
/usr/lib/perl5/site_perl/5.18.2/base.pm line 100.
...propagated at /usr/lib/perl5/site_perl/5.18.2/base.pm line 109.
BEGIN failed--compilation aborted at
/usr/lib/perl5/site_perl/5.18.2/Net/DNS/Resolver.pm line 22.
Compilation failed in require at
/usr/lib/perl5/site_perl/5.18.2/Net/DNS.pm line 51.
Compilation failed in require at /usr/bin/sa-update line 84.
BEGIN failed--compilation aborted at /usr/bin/sa-update line 84.
changing
edit /usr/bin/sa-update
- #!/usr/bin/perl -T -w
+ #!/usr/bin/perl -w
avoids the problem, but doesn't fix it.
There's lots of old posts re: taint-mode issues; Did not find one yet re: this.
Known issue? Fix available?
Or, need to simply remove the "-T" flag?
Re: sa-update taint-mode error: "Insecure dependency in require while
running with -T switch at ..."?
Posted by pgndev <pg...@gmail.com>.
Sounds like the perl-bug fix(es) are preferred to any
'ArchiveIterator.pm' monkeying.
I've taken up the issue in a distro bug.
Thx for the reference/link!
Re: sa-update taint-mode error: "Insecure dependency in require while
running with -T switch at ..."?
Posted by Mark Martinec <Ma...@ijs.si>.
On 2016-06-14 20:17, pgndev wrote:
> I've installed a new instance of SA
>
> spamassassin -V
> SpamAssassin version 3.4.1
> running on Perl version 5.18.2
>
> module_info Mail::SpamAssassin Mail::SPF
> Name: Mail::SpamAssassin
> Version: 3.004001
> Directory: /usr/lib/perl5/site_perl/5.18.2
> File:
> /usr/lib/perl5/site_perl/5.18.2/Mail/SpamAssassin.pm
> Core module: no
>
> When I exec
> sa-update -D
>
> it fails
>
> Insecure dependency in require while running with -T switch at
> /usr/lib/perl5/site_perl/5.18.2/Net/DNS/Resolver/Base.pm line 570.
> BEGIN failed--compilation aborted at
> /usr/lib/perl5/site_perl/5.18.2/Net/DNS/Resolver/Base.pm line 570.
> Compilation failed in require at
> /usr/lib/perl5/site_perl/5.18.2/base.pm line 100.
> ...propagated at /usr/lib/perl5/site_perl/5.18.2/base.pm
> line 109.
> BEGIN failed--compilation aborted at
> /usr/lib/perl5/site_perl/5.18.2/Net/DNS/Resolver/UNIX.pm line 18.
> Compilation failed in require at
> /usr/lib/perl5/site_perl/5.18.2/base.pm line 100.
> ...propagated at /usr/lib/perl5/site_perl/5.18.2/base.pm
> line 109.
> BEGIN failed--compilation aborted at
> /usr/lib/perl5/site_perl/5.18.2/Net/DNS/Resolver.pm line 22.
> Compilation failed in require at
> /usr/lib/perl5/site_perl/5.18.2/Net/DNS.pm line 51.
> Compilation failed in require at /usr/bin/sa-update line 84.
> BEGIN failed--compilation aborted at /usr/bin/sa-update line 84.
>
> changing
>
> edit /usr/bin/sa-update
> - #!/usr/bin/perl -T -w
> + #!/usr/bin/perl -w
>
> avoids the problem, but doesn't fix it.
>
> There's lots of old posts re: taint-mode issues; Did not find one yet
> re: this.
>
> Known issue? Fix available?
>
> Or, need to simply remove the "-T" flag?
Removing a "-T" flag is merely a dirty temporary workaround.
The "Insecure dependency in require" (note the "in require")
is something that shouldn't normally be possible. It is likely
due to one of the perl bugs [perl #122669] or [perl #123880]
affecting perl 5.18, fixed in perl 5.20.2 and later.
See:
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7140
There may be a workaround for your case, but as I can't reproduce
it, you are on your own.
Mark