[pve-devel] [PATCH 2/2] email_from: fix for "insecure dependency in piped open" when email_from is empty

Stanislav German-Evtushenko ginermail at gmail.com
Wed Sep 3 12:22:11 CEST 2014


Signed-off-by: Stanislav German-Evtushenko <ginermail at gmail.com>
---
 PVE/API2/APT.pm | 2 +-
 PVE/VZDump.pm   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/PVE/API2/APT.pm b/PVE/API2/APT.pm
index 92deeea..3327445 100644
--- a/PVE/API2/APT.pm
+++ b/PVE/API2/APT.pm
@@ -341,7 +341,7 @@ __PACKAGE__->register_method({
 		if ($mailto) {
 		    my $hostname = `hostname -f` || PVE::INotify::nodename();
 		    chomp $hostname;
-		    my $mailfrom = $dcconf->{email_from} || "root\@$hostname";
+		    my $mailfrom = $dcconf->{email_from} || "root";
 
 		    my $data = "Content-Type: text/plain;charset=\"UTF8\"\n";
 		    $data .= "Content-Transfer-Encoding: 8bit\n";
diff --git a/PVE/VZDump.pm b/PVE/VZDump.pm
index 4295003..4a4d25c 100644
--- a/PVE/VZDump.pm
+++ b/PVE/VZDump.pm
@@ -280,7 +280,7 @@ my $sendmail = sub {
 	$rcvrarg .= " '$r'";
     }
     my $dcconf = PVE::Cluster::cfs_read_file('datacenter.cfg');
-    my $mailfrom = $dcconf->{email_from} || "root\@$hostname";
+    my $mailfrom = $dcconf->{email_from} || "root";
 
     open (MAIL,"|sendmail -B 8BITMIME -f $mailfrom $rcvrarg") || 
 	die "unable to open 'sendmail' - $!";
-- 
1.9.1




More information about the pve-devel mailing list