perldoc security bug (race condition) #1135
Comments
From @jmaslak
This is a bug report for perl from jmaslak@mindspring.com,
perldoc uses /tmp/perldoc1.[PID] for its temporary files. I was
This is due to perldoc not using a secure method to generate a
An example exploit would be to send root a mail saying, "I am
/home/mydir/sample.pm would output simply two plusses. As you
(perlbug also seems to have a similar problem after a quick but
--
This perlbug was built using Perl 5.00503 - Wed Oct 20 00:47:06 MEST 1999
Site configuration information for perl 5.00503:
Configured by root at Tue Apr 6 23:33:05 EDT 1999.
Summary of my perl5 (5.0 patchlevel 5 subversion 3) configuration:
Locally applied patches:
@INC for perl 5.00503:
Environment for perl 5.00503:
From [Unknown Contact. See original ticket]
This is what you get for not using the real man program when you're
--tom
From @chipdude
According to Joel Maslak:
Does this look like a good feature to build into Perl? Temporary
From @jhi
Chip Salzenberg writes:
We actually used to have mkstemp() probing in Configure for a short
Yes, I think having mkstemp() (not necessarily directly as a Perl
Something akin for temp directories would be cool, too.
From @chipdude
According to Jarkko Hietaniemi:
I was thinking more along the lines of a one-parameter open:
    $name = mkdir(0700)
From @jhi
Chip Salzenberg writes:
Nice. Would the temp file be unlinked automagically at scope exit?
And bare mkdir() defaulting to mkdir(0700)? Would the directory be automagically recursively destructed at scope exit?
From @jhi
Jarkko Hietaniemi writes:
Oh, yes of course it would, thanks to the autovivification of filehandles...
From @jhi
Jarkko Hietaniemi writes:
Rats. More coffee. *Much* more coffee. I was thinking of auto-close(),
From [Unknown Contact. See original ticket]
Jarkko Hietaniemi (lists.p5p):
On co-operating operating systems, you could do the old sleight-of-hand:
From @chipdude
According to Jarkko Hietaniemi:
I'd define it in terms of file closure: "The file is automatically
Under Unix, of course, the file would continue to exist as long as
Um, I'm wondering whether automatic temp mkdir is a good idea after
... OK, I'm done wondering: I don't like automatic temp mkdir. Any
From @jhi
Chip Salzenberg writes:
How about someone wanting to create temp files to somewhere else
Yeah, seems like too much magic. File::Temp::mkdir, or somesuch.
From [Unknown Contact. See original ticket]
Chip Salzenberg <chip@valinux.com> writes:
Current code too; I use open(FOO) all the time. Did I miss a memo? :)
From [Unknown Contact. See original ticket]
Chip Salzenberg <chip@valinux.com> writes:
In this particular case, do we need a temporary file at all? What was the
From @chipdude
According to Jarkko Hietaniemi:
Mmm, IMO, that's over the magic line of too much magic. Perhaps there
    use File::Unique qw/ unique_name unique_create /;
    my $t1 = unique_name;     # /tmp
    mkdir($t1, 0700);         # mkdir is safe to use directly
    my $f3 = unique_create;   # create in /tmp; auto-delete on close
Hm.
From [Unknown Contact. See original ticket]
No, that's perfectly supported. The only issue is that it's a
--tom
From [Unknown Contact. See original ticket]
Tom Christiansen <tchrist@chthon.perl.com> writes:
I pretty much only use it in conjunction with script globals. Usually
| # Command to generate the list of people with access to the NOTGS list.
[...]
| # Get NOTGS view information.
It somehow seems more self-documenting or cleaner or something than the
From [Unknown Contact. See original ticket]
After quick checking, I mis-identified this as a race condition. It is
As a fix that is SYSTEM DEPENDENT, use of sysopen with a mode of
I like the idea of a module to do this, however. Perhaps it could use the
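An added example, not code from this thread or from perldoc: creating a temporary file with sysopen and exclusive-create flags, so that a predictable name already occupied by a symbolic link is refused instead of followed. The O_CREAT|O_EXCL flags, the 0600 mode, the scratch directory standing in for /tmp and the create_exclusive helper are assumptions of this example, which expects a POSIX system and a local filesystem.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Fcntl qw(O_WRONLY O_CREAT O_EXCL);
use File::Temp qw(tempdir);

# Constructed scenario: a private scratch directory stands in for /tmp.
my $tmp    = tempdir(CLEANUP => 1);
my $victim = "$tmp/important.txt";   # file a planted link points at
my $guess  = "$tmp/perldoc1.$$";     # predictable name, as in the report

open(my $v, '>', $victim) or die "create $victim: $!";
print {$v} "original contents\n";
close $v or die "close: $!";
symlink($victim, $guess) or die "symlink: $!";   # link exists before we run

# Hypothetical helper: O_EXCL makes creation fail if the name exists in any
# form, and a symlink in the final path component is not followed. The random
# suffix only reduces collisions; the safety comes from O_EXCL.
sub create_exclusive {
    my ($dir, $prefix) = @_;
    for my $try (1 .. 100) {
        my $name = sprintf '%s/%s.%d.%08x', $dir, $prefix, $$, int rand 2**32;
        if (sysopen(my $fh, $name, O_WRONLY | O_CREAT | O_EXCL, 0600)) {
            return ($fh, $name);
        }
        die "sysopen $name: $!" unless $!{EEXIST};   # retry only on collision
    }
    die "no unused temp name after 100 tries";
}

# 1. The predictable name is refused because the planted link occupies it.
if (sysopen(my $fh, $guess, O_WRONLY | O_CREAT | O_EXCL, 0600)) {
    die "unexpected: exclusive create succeeded on an existing name";
}
print "exclusive create on $guess refused: $!\n";

# 2. A fresh name is created with mode 0600, used, then removed.
my ($fh, $name) = create_exclusive($tmp, 'perldoc');
print {$fh} "rendered pod output\n";
close $fh or die "close: $!";
unlink $name or die "unlink: $!";

# 3. The file the link pointed at was never written to.
open($v, '<', $victim) or die "read $victim: $!";
print "victim still reads: ", scalar <$v>;
close $v;
```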
From [Unknown Contact. See original ticket]
Joel Maslak <jmaslak@mindspring.com> writes:
That seems sufficient. If /tmp isn't a local file system, you have other
From [Unknown Contact. See original ticket]
Big deal. Skate POSIX or die, to paraphrase Jim Thompson.
Perl is always at the mercy of your system libraries (see "man perl"
That's no reason not to implement a reasonable fix. And there *is* a problem. If /tmp/<your tmpfile> is a slink
Please see my long message of this morning that went also to
--tom
From @gsar
On Fri, 04 Feb 2000 01:06:40 PST, Chip Salzenberg wrote:
Nick put in code for open(F,undef) to do that, but it didn't
Sarathy
From [Unknown Contact. See original ticket]
I'm having a lovely off-list discussion right now about this
--tom
From [Unknown Contact. See original ticket]
Russ Allbery <rra@stanford.edu> wrote
If it was a pipe, you couldn't go backwards in the pager.
Mike Guy
From [Unknown Contact. See original ticket]
M J T Guy <mjtg@cus.cam.ac.uk> writes:
You can if you have a decent pager. Hm. Point taken, though. (I forget
From [Unknown Contact. See original ticket]
If it were a good pager, you could. :-)
--tom
From [Unknown Contact. See original ticket]
Simon Cozens writes:
If all you need is a tmp *filehandle*, then there are better ways than
Ilya
From [Unknown Contact. See original ticket]
I am *DELIGHTED* to see that no one has read my important article
--tom
From @chipdude
According to Russ Allbery:
Well, I didn't write the code in question; but if I had to guess, I'd
Migrated from rt.perl.org#2095 (status was 'resolved')
Searchable as RT2095$