Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

perldoc causes taint violation when run as root in a directory with Build.PL or Makefile.PL #10132

Closed
p5pRT opened this issue Feb 4, 2010 · 8 comments

Comments

@p5pRT
Copy link

p5pRT commented Feb 4, 2010

Migrated from rt.perl.org#72550 (status was 'resolved')

Searchable as RT72550$

@p5pRT
Copy link
Author

p5pRT commented Feb 4, 2010

From @pioto

This is a bug report for perl from pioto@​pioto.org,
generated with the help of perlbug 1.39 running under perl 5.10.1.


When running perldoc as root, in a directory which has a cpan module's
source checked out, the following error occurs​:

# perldoc Test​::More
Insecure dependency in require while running with -T switch at /usr/lib64/perl5/5.10.1/Pod/Perldoc.pm line 1548.

This happens in a checkout for a some non-Test​::More cpan module.

Attempts to find a more minimal test case have so far come up short.
But, any of the cpan modules i've checked out in my non-root ~/git/, and
built and tested before as non-root, are affected by this, if that's any
help.



Flags​:
  category=library
  severity=medium
  module=Pod​::Perldoc


Site configuration information for perl 5.10.1​:

Configured by Exherbo at Sat Jan 30 11​:30​:07 EST 2010.

Summary of my perl5 (revision 5 version 10 subversion 1) configuration​:
 
  Platform​:
  osname=linux, osvers=2.6.32.3toi-04901-g6418929, archname=x86_64-linux
  uname='linux aether 2.6.32.3toi-04901-g6418929 #20 smp sat jan 9 11​:48​:36 est 2010 x86_64 gnulinux '
  config_args='-des -Dcc=x86_64-pc-linux-gnu-gcc -Dcf_by=Exherbo -Dprefix=/usr -Dvendorprefix=/usr -Dsiteprefix=/usr -Doptimize=-B/lib64 -B/usr/lib64 -Wl,--rpath-link -Wl,/lib64 -Wl,--rpath-link -Wl,/usr/lib64 -march=core2 -pipe -O2 -Darchname=x86_64-linux -Dlibperl=libperl.so.1.5.10.1 -Dprivlib=/usr/lib64/perl5/5.10.1 -Darchlib=/usr/lib64/perl5/5.10.1/x86_64-linux -Dsitelib=/usr/lib64/perl5/site_perl/5.10.1 -Dsitearch=/usr/lib64/perl5/site_perl/5.10.1/x86_64-linux -Dvendorlib=/usr/lib64/perl5/vendor_perl/5.10.1 -Dvendorarch=/usr/lib64/perl5/vendor_perl/5.10.1/x86_64-linux -Uinstallusrbinperl= -Duseshrplib -Dmksymlinks -Duselargefiles -Ui_ndbm -Di_gdbm -Di_db'
  hint=recommended, useposix=true, d_sigaction=define
  useithreads=undef, usemultiplicity=undef
  useperlio=define, d_sfio=undef, uselargefiles=define, usesocks=undef
  use64bitint=define, use64bitall=define, uselongdouble=undef
  usemymalloc=n, bincompat5005=undef
  Compiler​:
  cc='x86_64-pc-linux-gnu-gcc', ccflags ='-fno-strict-aliasing -pipe -fstack-protector -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64',
  optimize='-B/lib64 -B/usr/lib64 -Wl,--rpath-link -Wl,/lib64 -Wl,--rpath-link -Wl,/usr/lib64 -march=core2 -pipe -O2',
  cppflags='-fno-strict-aliasing -pipe -fstack-protector'
  ccversion='', gccversion='4.4.3', gccosandvers=''
  intsize=4, longsize=8, ptrsize=8, doublesize=8, byteorder=12345678
  d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=16
  ivtype='long', ivsize=8, nvtype='double', nvsize=8, Off_t='off_t', lseeksize=8
  alignbytes=8, prototype=define
  Linker and Libraries​:
  ld='x86_64-pc-linux-gnu-gcc', ldflags =' -fstack-protector -L/usr/local/lib'
  libpth=/usr/local/lib /lib /usr/lib /lib64 /usr/lib64 /usr/local/lib64
  libs=-lnsl -lgdbm -ldb -ldl -lm -lcrypt -lutil -lc
  perllibs=-lnsl -ldl -lm -lcrypt -lutil -lc
  libc=/lib/libc-2.11.1.so, so=so, useshrplib=true, libperl=libperl.so.1.5.10.1
  gnulibc_version='2.11.1'
  Dynamic Linking​:
  dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-Wl,-E -Wl,-rpath,/usr/lib64/perl5/5.10.1/x86_64-linux/CORE'
  cccdlflags='-fPIC', lddlflags='-shared -B/lib64 -B/usr/lib64 -Wl,--rpath-link -Wl,/lib64 -Wl,--rpath-link -Wl,/usr/lib64 -march=core2 -pipe -O2 -L/usr/local/lib -fstack-protector'

Locally applied patches​:
 


@​INC for perl 5.10.1​:
  /usr/lib64/perl5/5.10.1/x86_64-linux
  /usr/lib64/perl5/5.10.1
  /usr/lib64/perl5/site_perl/5.10.1/x86_64-linux
  /usr/lib64/perl5/site_perl/5.10.1
  /usr/lib64/perl5/site_perl/5.8.9
  /usr/lib64/perl5/site_perl
  /usr/lib64/perl5/vendor_perl/5.10.1/x86_64-linux
  /usr/lib64/perl5/vendor_perl/5.10.1
  /usr/lib64/perl5/vendor_perl/5.8.9
  /usr/lib64/perl5/vendor_perl
  .


Environment for perl 5.10.1​:
  HOME=/home/pioto
  LANG=en_US.utf8
  LANGUAGE (unset)
  LD_LIBRARY_PATH (unset)
  LOGDIR (unset)
  PATH=/home/pioto/src/android-sdk-linux/tools​:/home/pioto/bin​:/sbin​:/usr/local/sbin​:/usr/sbin​:/usr/local/bin​:/usr/bin​:/bin​:/opt/bin​:/usr/lib64/jdk/bin​:/usr/lib64/jre/bin​:/opt/nessus/bin
  PERL_BADLANG (unset)
  SHELL=/bin/bash

@p5pRT
Copy link
Author

p5pRT commented Mar 1, 2010

From p5p@spam.wizbit.be

When running perldoc as root, in a directory which has a cpan module's
source checked out, the following error occurs​:

# perldoc Test​::More
Insecure dependency in require while running with -T switch at
/usr/lib64/perl5/5.10.1/Pod/Perldoc.pm line 1548.

There appear to be two problems​:

a) Insecure dependency in require while running with -T switch at .../
perl-git/lib/Pod/Perldoc.pm line 1648.

This is because the function 'maybe_diddle_INC' adds several search
path to the @​INC when the current working directory contains
"Makefile.PL" or "Build.pl".

It then searches the @​INC for the module but after the search it does
not restore the original search path. Afterwards a require of
File​::Temp happens which fails because @​INC contains '.'.

This can be fixed with​:

--- a/dist/Pod-Perldoc/lib/Pod/Perldoc.pm
+++ b/dist/Pod-Perldoc/lib/Pod/Perldoc.pm
@​@​ -432,11 +432,13 @​@​ sub process {
  $self->find_good_formatter_class();
  $self->formatter_sanity_check();

+ my @​real_inc = @​INC;
  $self->maybe_diddle_INC();
  # for when we're apparently in a module or extension directory
 
  my @​found = $self->grand_search_init(\@​pages);
  exit (IS_VMS ? 98962 : 1) unless @​found;
+ @​INC = @​real_inc;
 
  if ($self->opt_l) {
  DEBUG and print "We're in -l mode, so byebye after this​:\n";

b) Error while formatting with Pod​::Perldoc​::ToMan​:
Insecure dependency in `` while running with -T switch at ...../perl-
git/lib/Pod/Perldoc/ToMan.pm line 91.

Pod/Perldoc/ToMan executes the command​:
  ..../bin/pod2man --lax $file | nroff -man -rLL=173n

=> $file is tainted
=> the command is tainted
=> execution fails

I'm not sure what the best fix for this is...

Best regards,

Bram

@p5pRT
Copy link
Author

p5pRT commented Mar 1, 2010

From [Unknown Contact. See original ticket]

When running perldoc as root, in a directory which has a cpan module's
source checked out, the following error occurs​:

# perldoc Test​::More
Insecure dependency in require while running with -T switch at
/usr/lib64/perl5/5.10.1/Pod/Perldoc.pm line 1548.

There appear to be two problems​:

a) Insecure dependency in require while running with -T switch at .../
perl-git/lib/Pod/Perldoc.pm line 1648.

This is because the function 'maybe_diddle_INC' adds several search
path to the @​INC when the current working directory contains
"Makefile.PL" or "Build.pl".

It then searches the @​INC for the module but after the search it does
not restore the original search path. Afterwards a require of
File​::Temp happens which fails because @​INC contains '.'.

This can be fixed with​:

--- a/dist/Pod-Perldoc/lib/Pod/Perldoc.pm
+++ b/dist/Pod-Perldoc/lib/Pod/Perldoc.pm
@​@​ -432,11 +432,13 @​@​ sub process {
  $self->find_good_formatter_class();
  $self->formatter_sanity_check();

+ my @​real_inc = @​INC;
  $self->maybe_diddle_INC();
  # for when we're apparently in a module or extension directory
 
  my @​found = $self->grand_search_init(\@​pages);
  exit (IS_VMS ? 98962 : 1) unless @​found;
+ @​INC = @​real_inc;
 
  if ($self->opt_l) {
  DEBUG and print "We're in -l mode, so byebye after this​:\n";

b) Error while formatting with Pod​::Perldoc​::ToMan​:
Insecure dependency in `` while running with -T switch at ...../perl-
git/lib/Pod/Perldoc/ToMan.pm line 91.

Pod/Perldoc/ToMan executes the command​:
  ..../bin/pod2man --lax $file | nroff -man -rLL=173n

=> $file is tainted
=> the command is tainted
=> execution fails

I'm not sure what the best fix for this is...

Best regards,

Bram

@p5pRT
Copy link
Author

p5pRT commented Mar 1, 2010

p5p@spam.wizbit.be - Status changed from 'new' to 'open'

@p5pRT
Copy link
Author

p5pRT commented Apr 12, 2012

From @swills

The fix in this ticket fixes at least the first issue, for me. This issue
showed up for me when running tests for perlbrew on FreeBSD with perl
5.12.4. This ticket has been open a while. Would someone consider looking
at getting this fix committed, at least or perhaps even better finding a
fix for the second issue too?

Thanks,
Steve

@p5pRT
Copy link
Author

p5pRT commented Apr 12, 2012

From [Unknown Contact. See original ticket]

The fix in this ticket fixes at least the first issue, for me. This issue
showed up for me when running tests for perlbrew on FreeBSD with perl
5.12.4. This ticket has been open a while. Would someone consider looking
at getting this fix committed, at least or perhaps even better finding a
fix for the second issue too?

Thanks,
Steve

@p5pRT
Copy link
Author

p5pRT commented Apr 30, 2012

From @tonycoz

On Thu Feb 04 15​:54​:08 2010, pioto wrote​:

When running perldoc as root, in a directory which has a cpan module's
source checked out, the following error occurs​:

# perldoc Test​::More
Insecure dependency in require while running with -T switch at
/usr/lib64/perl5/5.10.1/Pod/Perldoc.pm line 1548.

This happens in a checkout for a some non-Test​::More cpan module.

Attempts to find a more minimal test case have so far come up short.
But, any of the cpan modules i've checked out in my non-root ~/git/,
and
built and tested before as non-root, are affected by this, if that's
any
help.

I don't see this problem in blead.

[root@​freebsd32 /home/tony/dev/imager/git/Imager]# ls Makefile.PL
Makefile.PL
[root@​freebsd32 /home/tony/dev/imager/git/Imager]# perldoc Test​::More
(success)

I suspect the changes in version 3.15_12 of Pod-Perldoc (see
http​://cpansearch.perl.org/src/MALLEN/Pod-Perldoc-3.17/Changes) fixed this.

Tony

@p5pRT
Copy link
Author

p5pRT commented Apr 30, 2012

@cpansprout - Status changed from 'open' to 'resolved'

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant