From tggbiz@ntlworld.com

Created by tggbiz@ntlworld.com

Copying files does not work in a Safe compartment,
despite an empty deny only list.

In order to reproduce the results just paste the code into 2 files
(SafeCopyDemo.pl, rdo.pl) as indicated.

# File​: SafeCopyDemo.pl
#
use strict;
use warnings;

use Safe;

print "Running SafeCopyDemo\n";

do_copy_file(@​ARGV);

sub some_sub
{
}

sub do_copy_file
{
  if (@​_ != 2)
  {
  print ("Usage​: SafeCopyDemo.pl from_file to_file\n");
  return;
  }
  my ($from_filespec, $to_filespec) = @​_;
  print "do_copy_file​: Copying from $from_filespec to $to_filespec\n";
  my $cpt = load_compartment(__PACKAGE__, 'some_sub');

  if (defined($cpt) && exists &{$cpt->varglob('copy_file')})
  {
  print "do_copy_file​: Calling rdo.pl copy_file\n";
  &{$cpt->varglob('copy_file')}($from_filespec, $to_filespec);
  }
}

sub load_compartment
{
  my ($package, @​subs) = @​_;
  my $cpt;
  print "load_compartment\n";
  if (-f 'rdo.pl')
  {
  $cpt = new Safe;
  print "load_compartment​: Doing rdo.pl\n";
  $cpt->share_from('main', [ '%ENV' ]);
  $cpt->share_from($package, [ @​subs ]);
  $cpt->deny_only();
  $cpt->rdo('rdo.pl');
  if ($@​)
  {
  die "Thrown exception from rdo.pl​: $@​\n";
  }
  }
  return $cpt;
}

# File rdo.pl
#
use strict;
use warnings;

use File​::Copy;

print "Loading rdo.pl\n";

sub copy_file
{
  my ($from_filespec, $to_filespec) = @​_;

  copy ($from_filespec, $to_filespec);

  print "\tCopied $from_filespec to $to_filespec\n";
}

# Begin File​::Copy Test on Perl 5.8

Running SafeCopyDemo
do_copy_file​: Copying from XXX to YYY
load_compartment
load_compartment​: Doing rdo.pl
Loading rdo.pl
do_copy_file​: Calling rdo.pl copy_file
Unable to create sub named "*Config​::launcher" at C​:/Perl/lib/Config.p
+m line 71.

# End File​::Copy Test on Perl 5.8

Flags:
    category=core
    severity=high

Site configuration information for perl v5.8.8:

Configured by SYSTEM at Tue Jul 31 19:34:29 2007.

Summary of my perl5 (revision 5 version 8 subversion 8) configuration:
  Platform:
    osname=MSWin32, osvers=5.00, archname=MSWin32-x86-multi-thread
    uname=''
    config_args='undef'
    hint=recommended, useposix=true, d_sigaction=undef
    usethreads=define use5005threads=undef useithreads=define usemultiplicity=define
    useperlio=define d_sfio=undef uselargefiles=define usesocks=undef
    use64bitint=undef use64bitall=undef uselongdouble=undef
    usemymalloc=n, bincompat5005=undef
  Compiler:
    cc='cl', ccflags ='-nologo -GF -W3 -MD -Zi -DNDEBUG -O1 -DWIN32 -D_CONSOLE -DNO_STRICT -DHAVE_DES_FCRYPT -DNO_HASH_SEED -DUSE_SITECUSTOMIZE -DPRIVLIB_LAST_IN_INC -DPERL_IMPLICIT_CONTEXT -DPERL_IMPLICIT_SYS -DUSE_PERLIO -DPERL_MSVCRT_READFIX',
    optimize='-MD -Zi -DNDEBUG -O1',
    cppflags='-DWIN32'
    ccversion='12.00.8804', gccversion='', gccosandvers=''
    intsize=4, longsize=4, ptrsize=4, doublesize=8, byteorder=1234
    d_longlong=undef, longlongsize=8, d_longdbl=define, longdblsize=8
    ivtype='long', ivsize=4, nvtype='double', nvsize=8, Off_t='__int64', lseeksize=8
    alignbytes=8, prototype=define
  Linker and Libraries:
    ld='link', ldflags ='-nologo -nodefaultlib -debug -opt:ref,icf  -libpath:"C:\Perl\lib\CORE"  -machine:x86'
    libpth=\lib
    libs=  oldnames.lib kernel32.lib user32.lib gdi32.lib winspool.lib  comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib  netapi32.lib uuid.lib ws2_32.lib mpr.lib winmm.lib  version.lib odbc32.lib odbccp32.lib msvcrt.lib
    perllibs=  oldnames.lib kernel32.lib user32.lib gdi32.lib winspool.lib  comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib  netapi32.lib uuid.lib ws2_32.lib mpr.lib winmm.lib  version.lib odbc32.lib odbccp32.lib msvcrt.lib
    libc=msvcrt.lib, so=dll, useshrplib=true, libperl=perl58.lib
    gnulibc_version=''
  Dynamic Linking:
    dlsrc=dl_win32.xs, dlext=dll, d_dlsymun=undef, ccdlflags=' '
    cccdlflags=' ', lddlflags='-dll -nologo -nodefaultlib -debug -opt:ref,icf  -libpath:"C:\Perl\lib\CORE"  -machine:x86'

Locally applied patches:
    ACTIVEPERL_LOCAL_PATCHES_ENTRY
    Iin_load_module moved for compatibility with build 806
    Avoid signal flag SA_RESTART for older versions of HP-UX
    PerlEx support in CGI::Carp
    Less verbose ExtUtils::Install and Pod::Find
    Patch for CAN-2005-0448 from Debian with modifications
    Rearrange @INC so that 'site' is searched before 'perl'
    Partly reverted 24733 to preserve binary compatibility
    MAINT31223 plus additional changes
    31490 Problem bootstraping Win32CORE
    31324 Fix DynaLoader::dl_findfile() to locate .so files again
    31214 Win32::GetLastError fails when first called
    31211 Restore Windows NT support
    31188 Problem killing a pseudo-forked child on Win32
    29732 ANSIfy the PATH environment variable on Windows
    27527,29868 win32_async_check() can loop indefinitely
    26970 Make Passive mode the default for Net::FTP
    26379 Fix alarm() for Windows 2003
    24699 ICMP_UNREACHABLE handling in Net::Ping


@INC for perl v5.8.8:
    C:/Perl/site/lib
    C:/Perl/lib
    .


Environment for perl v5.8.8:
    HOME (unset)
    LANG (unset)
    LANGUAGE (unset)
    LD_LIBRARY_PATH (unset)
    LOGDIR (unset)
    PATH=C:\Program Files\Microsoft.NET\SDK\v1.1\bin;C:\Program Files\Microsoft Visual Studio .NET 2003\Common7\IDE;C:\Program Files\Microsoft Visual Studio .NET 2003\VC7\BIN;C:\Program Files\Microsoft Visual Studio .NET 2003\Common7\Tools;C:\Program Files\Microsoft Visual Studio .NET 2003\Common7\Tools\bin\prerelease;C:\Program Files\Microsoft Visual Studio .NET 2003\Common7\Tools\bin;C:\Program Files\Microsoft Visual Studio .NET 2003\SDK\v1.1\bin;C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322;C:\WINDOWS\system32;;C:\Program Files\Java\jdk1.5.0_04\bin;C:\Program Files\Java\apache-ant-1.6.5\bin;C:\Program Files\Java\Apache Software Foundation\ActiveMQ\apache-activemq-4.1.1\bin;C:\Program Files\Java\java_ee_sdk-5_03\bin;C:\Perl\bin;C:\Documents and Settings\Daddy\My Documents\Work\auto\glb\tool\Windows\bin
    PERLPATH=C:\Perl
    PERL_BADLANG (unset)
    SHELL (unset)

From @rgs

2008/8/3 via RT tggbiz <perlbug-followup@​perl.org>​:

Copying files does not work in a Safe compartment,
despite an empty deny only list.
[...]

Running SafeCopyDemo
do_copy_file​: Copying from XXX to YYY
load_compartment
load_compartment​: Doing rdo.pl
Loading rdo.pl
do_copy_file​: Calling rdo.pl copy_file
Unable to create sub named "*Config​::launcher" at C​:/Perl/lib/Config.p
+m line 71.

I think that, as with most bugs of this type with Safe, careful use of
the share() function to import the wanted namespaces into the Safe
compartment can solve your problem.

The RT System itself - Status changed from 'new' to 'open'

From tggbiz@ntlworld.com

I thought I'd better add that the problem exists with Perl 5.10 as well as
5.8 & the sympoms are exactly the same - see results and Perl version
information below.

Can you give me an estimate as to when you might have a workaround or fix on
5.8 or 5.10?

Thanks,

Tom

C​:\GLB\test\newtest\SafeCopyDemo>perl SafeCopyDemo.pl xxx yyy
Running SafeCopyDemo
do_copy_file​: Copying from xxx to yyy
load_compartment
load_compartment​: Doing rdo.pl
Loading rdo.pl
do_copy_file​: Calling rdo.pl copy_file
Unable to create sub named "*Config​::launcher" at C​:/Perl/lib/Config.pm line
71.

C​:\GLB\test\newtest\SafeCopyDemo>perl -v

This is perl, v5.10.0 built for MSWin32-x86-multi-thread
(with 5 registered patches, see perl -V for more detail)

Copyright 1987-2007, Larry Wall

Binary build 1003 [285500] provided by ActiveState
http​://www.ActiveState.com
Built May 13 2008 16​:52​:49

Perl may be copied only under the terms of either the Artistic License or
the
GNU General Public License, which may be found in the Perl 5 source kit.

Complete documentation for Perl, including FAQ lists, should be found on
this system using "man perl" or "perldoc perl". If you have access to the
Internet, point your browser at http​://www.perl.org/, the Perl Home Page.

C​:\GLB\test\newtest\SafeCopyDemo>perl -V
Summary of my perl5 (revision 5 version 10 subversion 0) configuration​:
  Platform​:
  osname=MSWin32, osvers=5.00, archname=MSWin32-x86-multi-thread
  uname=''
  config_args='undef'
  hint=recommended, useposix=true, d_sigaction=undef
  useithreads=define, usemultiplicity=define
  useperlio=define, d_sfio=undef, uselargefiles=define, usesocks=undef
  use64bitint=undef, use64bitall=undef, uselongdouble=undef
  usemymalloc=n, bincompat5005=undef
  Compiler​:
  cc='cl', ccflags
='-nologo -GF -W3 -MD -Zi -DNDEBUG -O1 -DWIN32 -D_CONSOLE -DNO_STRICT -DHAVE_DES_FCRYPT
-DUSE_SITECUSTOMIZE -DPRIVLIB_LAST_IN_INC -DPERL_IMPLICIT_CONTEXT -DPERL_IMPLICIT_SYS
-DUSE_PERLIO -DPERL_MSVCRT_READFIX',
  optimize='-MD -Zi -DNDEBUG -O1',
  cppflags='-DWIN32'
  ccversion='13.10.3077', gccversion='', gccosandvers=''
  intsize=4, longsize=4, ptrsize=4, doublesize=8, byteorder=1234
  d_longlong=undef, longlongsize=8, d_longdbl=define, longdblsize=10
  ivtype='long', ivsize=4, nvtype='double', nvsize=8, Off_t='__int64',
lseeksize=8
  alignbytes=8, prototype=define
  Linker and Libraries​:
  ld='link', ldflags
'-nologo -nodefaultlib -debug -opt​:ref,icf -libpath​:"C​:\Perl\lib\CORE" -machine​:x86'
  libpth=\lib
  libs= oldnames.lib kernel32.lib user32.lib gdi32.lib winspool.lib
comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib netapi32.lib
uuid.lib ws2_32.lib mpr.lib winmm.lib version.lib odbc32.lib odbccp32.lib
msvcrt.lib
  perllibs= oldnames.lib kernel32.lib user32.lib gdi32.lib winspool.lib
comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib netapi32.lib
uuid.lib ws2_32.lib mpr.lib winmm.lib version.lib odbc32.lib odbccp32.lib
msvcrt.lib
  libc=msvcrt.lib, so=dll, useshrplib=true, libperl=perl510.lib
  gnulibc_version=''
  Dynamic Linking​:
  dlsrc=dl_win32.xs, dlext=dll, d_dlsymun=undef, ccdlflags=' '
  cccdlflags=' ',
lddlflags='-dll -nologo -nodefaultlib -debug -opt​:ref,icf -libpath​:"C​:\Perl\lib\CORE"
  -machine​:x86'

Characteristics of this binary (from libperl)​:
  Compile-time options​: MULTIPLICITY PERL_DONT_CREATE_GVSV
  PERL_IMPLICIT_CONTEXT PERL_IMPLICIT_SYS
  PERL_MALLOC_WRAP PL_OP_SLAB_ALLOC USE_ITHREADS
  USE_LARGE_FILES USE_PERLIO USE_SITECUSTOMIZE
  Locally applied patches​:
  ActivePerl Build 1003 [285500]
  33741 avoids segfaults invoking S_raise_signal() (on Linux)
  33763 Win32 process ids can have more than 16 bits
  32809 Load 'loadable object' with non-default file extension
  32728 64-bit fix for Time​::Local
  Built under MSWin32
  Compiled at May 13 2008 16​:52​:49
  %ENV​:
  PERLPATH="C​:\Perl"
  @​INC​:
  C​:/Perl/site/lib
  C​:/Perl/lib
  .

----- Original Message -----
From​: <perlbug-followup@​perl.org>
To​: <tggbiz@​ntlworld.com>
Sent​: Sunday, August 03, 2008 6​:45 PM
Subject​: [perl #57552] perlbug AutoReply​: Problem with copying files in a
Safe compartment

Greetings,

This message has been automatically generated in response to the
creation of a perl bug report regarding​:
"Problem with copying files in a Safe compartment".

There is no need to reply to this message right now. Your ticket has been
assigned an ID of [perl #57552]. Within the next 24-72 hours,
your message will be posted to the perl developers. Please be patient!

Please include the string​:

[perl #57552]

in the subject line of all future correspondence about this issue. To do
so,
you may reply to this message (please delete unnecessary quotes and text.)

Thank you,
perlbug-followup@​perl.org

-------------------------------------------------------------------------
CC​: <support@​ActiveState.com>
MIME-Version​: 1.0
X-Spam-Status​: No, hits=-5.9 required=8.0
tests=BAYES_00,HTML_MESSAGE,PERLBUG_CONF,SPF_NEUTRAL
X-Mailer​: Microsoft Outlook Express 6.00.2900.3138
X-Virus-Checked​: Checked
X-Virus-Checked​: Checked
X-Old-Spam-Check-BY​: la.mx.develooper.com
Content-Type​: multipart/alternative;
boundary="----=_NextPart_000_0015_01C8F599.0398DC10"
Message-ID​: <001801c8f590$a369e120$6401a8c0@​daddyspc>
Received​: (qmail 28106 invoked from network); 3 Aug 2008 17​:45​:26 -0000
Received​: from localhost (HELO la.mx.develooper.com) (127.0.0.1) by
localhost with SMTP; 3 Aug 2008 17​:45​:26 -0000
Received​: (qmail 28099 invoked by alias); 3 Aug 2008 17​:45​:26 -0000
Received​: from la.mx.develooper.com (HELO x1.develooper.com)
(63.251.223.176) by la.mx.develooper.com (qpsmtpd/0.28) with SMTP; Sun, 03
Aug 2008 10​:45​:09 -0700
Received​: (qmail 27856 invoked by uid 225); 3 Aug 2008 17​:45​:05 -0000
Received​: (qmail 27846 invoked by alias); 3 Aug 2008 17​:45​:04 -0000
Received​: from mtaout02-winn.ispmail.ntl.com (HELO
mtaout02-winn.ispmail.ntl.com) (81.103.221.48) by la.mx.develooper.com
(qpsmtpd/0.28) with ESMTP; Sun, 03 Aug 2008 10​:44​:50 -0700
Received​: from aamtaout03-winn.ispmail.ntl.com ([81.103.221.35]) by
mtaout02-winn.ispmail.ntl.com with ESMTP id
<20080803174445.CYIH21103.mtaout02-winn.ispmail.ntl.com@​aamtaout03-winn.ispmail.ntl.com>;
Sun, 3 Aug 2008 18​:44​:45 +0100
Received​: from daddyspc ([213.106.1.169]) by
aamtaout03-winn.ispmail.ntl.com with SMTP id
<20080803174444.TCGQ29597.aamtaout03-winn.ispmail.ntl.com@​daddyspc>; Sun,
3 Aug 2008 18​:44​:44 +0100
Delivered-To​: rt-perl5@​netlabs.develooper.com
Delivered-To​: perlbug@​perl.org
Subject​: Problem with copying files in a Safe compartment
Return-Path​: <tggbiz@​ntlworld.com>
X-Msmail-Priority​: Normal
X-Spam-Check-BY​: la.mx.develooper.com
X-Priority​: 3
X-Old-Spam-Status​: No, hits=-6.6 required=8.0
tests=BAYES_00,HTML_MESSAGE,PERLBUG_CONF,SPF_PASS
Date​: Sun, 3 Aug 2008 18​:44​:51 +0100
X-Mimeole​: Produced By Microsoft MimeOLE V6.00.2900.3198
To​: <perlbug@​perl.org>
From​: "tggbiz" <tggbiz@​ntlworld.com>