Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Neomail error

Discussion in 'E-mail Discussion' started by ehsan, Dec 17, 2002.

  1. ehsan

    ehsan Well-Known Member

    Joined:
    Dec 11, 2001
    Messages:
    185
    Likes Received:
    0
    Trophy Points:
    316
    When trying to move to trash I get:

    Software error:
    Insecure dependency in open while running with -T switch at /usr/local/cpanel/base/neomail/neomail.pl line 2447.

    any Idea?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. atjeu

    atjeu Member
    PartnerNOC

    Joined:
    Feb 15, 2002
    Messages:
    18
    Likes Received:
    0
    Trophy Points:
    301
    Location:
    Phoenix, AZ
    we have the same exact error with all clients on cpanel...
     
  3. atjeu

    atjeu Member
    PartnerNOC

    Joined:
    Feb 15, 2002
    Messages:
    18
    Likes Received:
    0
    Trophy Points:
    301
    Location:
    Phoenix, AZ
    FROM: Jonathan MillerDATE: 08/26/2002 14:18:14SUBJECT: [Neomail-users] insecure dependency with perl 5.8.0 Saw someone else having this same problem when running setuid root with Perl
    5.8.0:

    Insecure dependency in open while running with -T switch at
    /usr/local/httpd/cgi-bin/neomail.pl line 2775.

    I tracked down the tainted variable to be the global $folder which is read
    directly from the web form. There is code to validate the variable, but it
    still sets off Perl's newer taint check.

    Here's the fix I implemented, starting at line 193 in neomail.pl:

    my $folder;
    my @validfolders;
    if ($user) {
    my $isvalid = 0;
    @validfolders = @{&getfolders()};
    if (param(&folder&)) {
    my $basketcase = param(&folder&); # CHANGED LINE
    foreach my $checkfolder (@validfolders) {
    if ($basketcase eq $checkfolder) { # CHANGED LINE
    $folder = $checkfolder; # ADDED LINE
    $isvalid = 1;
    last;
    }
    }
    ($folder = 'INBOX') unless ( $isvalid );
    } else {
    $folder = &INBOX&;
    }
    }
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice