[SACVS] CVS: spamassassin/spamd spamd.raw,1.219,1.219.2.1

Update of /cvsroot/spamassassin/spamassassin/spamd
In directory sc8-pr-cvs1:/tmp/cvs-serv22518/spamd

Modified Files:
      Tag: b2_6_0
        spamd.raw 
Log Message:
bug 2511: in spamd, we call Cwd without cleaning out the PATH variable
first.  This can lead to tainting issues, so we should clean the path
first.


Index: spamd.raw
===================================================================
RCS file: /cvsroot/spamassassin/spamassassin/spamd/spamd.raw,v
retrieving revision 1.219
retrieving revision 1.219.2.1
diff -b -w -u -d -r1.219 -r1.219.2.1
--- spamd.raw   10 Sep 2003 23:21:06 -0000      1.219
+++ spamd.raw   27 Sep 2003 01:30:15 -0000      1.219.2.1
@@ -88,6 +88,7 @@
 
 # First untaint the environment -- need to do this before Cwd::cwd(), else
 # it will croak.
+Mail::SpamAssassin::Util::clean_path_in_taint_mode();
 Mail::SpamAssassin::Util::untaint_var(\%ENV);
 
 # The zeroth argument will be replaced in daemonize().
@@ -425,8 +426,6 @@
   my $addrlistfactory = Mail::SpamAssassin::DBBasedAddrList->new();
   $spamtest->set_persistent_address_list_factory ($addrlistfactory);
 };
-
-Mail::SpamAssassin::Util::clean_path_in_taint_mode();
 
 # restart handling.  do this here before compile_now() as that may
 # take a while.



-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf