On June 1, 2001 at 16:00, pegmgr(_at_)peg(_dot_)com wrote:
| Insecure dependency in mkdir while running setgid at
| /usr/local/lib/mhonarc/mhlock.pl line 98.
Does the /usr/local/lib/mhonarc file have the setgid bit on? It
looks mhonarc is being invoked in Perl's tainted mode, and mhonarc
has never been coded to run in tainted mode (a task that would
probably be too cumbersome to undertake).
Setgid could also be inherited from the Procmail process of the
effective gid is different from the real gid. Since you upgraded
Procmail, I would guess that the procmail executable may have the
setgid bit on. If setgid support is not needed, remove it (which
can be done by the chmod command).
--ewh
