Hi Robert, What's this:
postfix/policyd-weight[18125]: warning: cache: err: cache: chdir /tmp/.policyd-weight/: No such file or directory at /usr/sbin/policyd-weight line 2948, <GEN8330> line 100 That's with beta-17, yet # ls -ld /tmp/.policyd-weight/ drwx------ 2 polw polw 4096 2008-03-29 14:09 /tmp/.policyd-weight/ So "No such" message yet such a directory? That directory in this case has been recreated by policyd-weight - I misread your "workaround" suggestion as instructions to go ahead and delete it. Maybe if I hadn't it wouldn't be broken? Thanks, Whit On Fri, Mar 28, 2008 at 04:16:29PM +0100, Robert Felber wrote: > Hello, > > policyd-weight still did not check the working directory correctly. > > 1st: I assumed [ -L /foo/bar ] is the same as [ -L /foo/bar/ ] > > because the -L tells the file test what to look for. But in the > latter form it is checked with S_IFDIR. > > We normalize the path with File::Spec->canonpath as s,/+$,, is > not sufficient. > > > 2nd: policyd-weight didn't check the ownership of real directories > which might have been resulted in a race attack. Policyd-weight once > gets the stat/lstat and reuses that information in order to > provide some sort of atomicity of the check_symlnk() sub-routine. > > > > > MD5 (policyd-weight) = > 68373b7cfeda52b78df6229ed658771e > > SHA256 (policyd-weight) = > 4245495685e516e00a363a97aaa17456f48c51fcbdb4458989a9d68db64083bc > > MD5 (policyd-weight-0.1.14.17.tar.gz) = > c90128d2442ba343e8127dc0dbdcfd9a > > SHA256 (policyd-weight-0.1.14.17.tar.gz) = > c13bac397cbd8c018b41686da4e4ce9450fb045752d7f0ab518d9836b39dbf36 > > > > -- > Robert Felber (PGP: 896CF30B) > Munich, Germany > > ____________________________________________________________ > Policyd-weight Mailinglist - http://www.policyd-weight.org/ ____________________________________________________________ Policyd-weight Mailinglist - http://www.policyd-weight.org/