165078 – Broken POSIX in perl-5.8.0

Bug 165078 - Broken POSIX in perl-5.8.0

Summary: Broken POSIX in perl-5.8.0

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 3
Classification:	Red Hat
Component:	perl
Sub Component:
Version:	3.0
Hardware:	i386
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Jason Vas Dias
QA Contact:	David Lawrence
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	168424
TreeView+	depends on / blocked

Reported:	2005-08-04 06:10 UTC by Jussi Torhonen
Modified:	2007-11-30 22:07 UTC (History)
CC List:	2 users (show)
Fixed In Version:	RHSA-2005-881
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2005-12-20 14:59:00 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2005:881	0	normal	SHIPPED_LIVE	Moderate: perl security update	2005-12-20 05:00:00 UTC

Description Jussi Torhonen 2005-08-04 06:10:31 UTC

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.10) Gecko/20050716 Firefox/1.0.6

Description of problem:
POSIX is broken in perl-5.8.0. The same problem exists in RHEL 3 ES as well as in RHL 9. 

Version-Release number of selected component (if applicable):
perl-5.8.0-89.10

How reproducible:
Always

Steps to Reproduce:
1. Find any suitable UID from /etc/passwd (like 500)
2. perl -e 'use POSIX; print "($<)($>)\n"; POSIX::setuid(500); print "($<)($>)\n"'


Actual Results:  perl-5.8.0 (RHEL3ES + RHL9) returns something like:

(0,0)
(0,0)


Expected Results:  perl should return your original uid,gid information and setuided new uid,gid:

(0,0)
(500,500)

For example perl-5.8.6-15 of Fedora Core 4 makes it correctly.


Additional info:

Popular amavisd-new e-mail content filter uses Net::Server perl module. perl-5.8.0 users has got problems with amavisd-new-2.3.2 after updated latest Net::Server-0.88 from CPAN. Author has traced the problem and it looks now like perl-5.8.0 and it's broken POSIX module actually breaks it.

http://rt.cpan.org/NoAuth/Bug.html?id=13450

Comment 1 Jason Vas Dias 2005-11-02 17:49:05 UTC

This bug is now fixed in RHEL-3 with perl-5.8.0-90.2  .
The PL_uid / PL_euid, and  PL_gid / PL_egid variables were not being set
to the new uid/gid after successful POSIX::setuid/setgid calls; 
perl restores the uid,euid/gid,egid to PL_uid,PL_euid/PL_gid,PL_egid after
XS calls, as it also supports setting the uid/euid gid/egid with:
   ($<,$>,$(,$))=($newUid,$newEuid,$newGid,$newEgid);
The above statement worked to set the real uid,euid/gid,egid before this 
change; only POSIX::set[ug]id failed because the PL_uid,PL_euid/PL_gid,PL_egid
variables were not being set also by these calls.

Comment 2 Jussi Torhonen 2005-11-10 19:39:57 UTC

Where can I get one? I mean perl-5.8.0-90.2 for RHEL 3ES ?

Comment 3 Jason Vas Dias 2005-11-14 17:50:04 UTC

(In reply to comment #2)
> Where can I get one? I mean perl-5.8.0-90.2 for RHEL 3ES ?

perl-5.8.0-90.2 is being considered for the next RHEL-3 update release.

Meanwhile, you can download it from:
  http://people.redhat.com/~jvdias/perl/RHEL-3 

Please try out this version and let me know of any issues - thanks.

Comment 7 Red Hat Bugzilla 2005-12-20 14:59:01 UTC

An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2005-881.html

Note You need to log in before you can comment on or make changes to this bug.