On 30.05.2013 23:18, Arch Website Notification wrote:
Insecure dependency in unlink while running with -T switch at /usr/share/perl5/vendor_perl/Net/Server/Daemonize.pm
That has nothing to do with Net::Server, it's a bug in the code initially setting the variable used there.
I have no idea why tainting behaviour seems to have changed with perl 5.18 (perldelta doesn't mention anything), but the only place I hit this problem was in spampd and there the variables were clearly tainted so I don't consider it a regression. If you are using that, please upgrade to the new version in AUR where I fixed those bugs.
For more information about tainting please take a look at perlsec.
CC'ing arch-general since this might be interesting to someone.