Bug 175467 - [patch] Bug in perl-5.8.6-CAN-2004-0976.patch; revised patch
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: perl (Show other bugs)
Version: 4
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Assigned To: Jason Vas Dias
QA Contact: David Lawrence
URL: http://www.redhat.com/archives/fedora...
Reported: 2005-12-11 02:19 EST by David Eisenstein
Modified: 2007-11-30 17:11 EST (History)

Fixed In Version: perl-5.8.6-22
Doc Type: Bug Fix
Last Closed: 2005-12-15 03:58:18 EST


Attachments
Revised patch (7.65 KB, patch)
2005-12-11 02:19 EST, David Eisenstein

Description David Eisenstein 2005-12-11 02:19:44 EST
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Description of problem:

There is a bug in the CAN-2004-0976 patch applied to the two most recent
releases of FC4's perl-5.8.6, file 'perl-5.8.6-CAN-2004-0976.patch' in
the .src.rpm.

As you already know, this patch, appearing to be based on the OWL/solartemp
patch, exists to fix insecure temporary file vulnerabilities, especially in
code or documentation that opens (or talks about opening) files insecurely
in the /tmp directory.  In the parts of the patch that change perl pod docs,
solardesigner changes "/tmp" to "/var/run" all over the place.

The portion of the patch that concerns me is for the perl debugger,
perl-5.8.6/lib/perl5db.pl.  This patch changes the file "/tmp/perldbtty$$" to
"/var/run/perldbtty$$".  This is the file used to tell Term::Rendezvous
what terminal to use when the debugger is running in NonStop mode and needs
a break.

Problem is, regular users have no way to create or change a file in directory
/var/run; only root can do this.

I have attached an updated 'perl-5.8.6-CAN-2004-0976.patch' file that fixes
this problem, patching perl5db.pl much like Debian has in their patch called
"09_fix_insecure_tempfiles" gleaned from their
<http://ftp.debian.org/debian/pool/main/p/perl/perl_5.8.4-8.diff.gz>.

The attached patch also has the benefit of changing the modified lines to
pretty well match the upstream perl-5.8.7 for the same lines.

Version-Release number of selected component (if applicable):

perl-5.8.6-18.src.rpm

SHA1SUM of attachment:
72ea05dd629a65ce6dacdd92f6096bf7d9b31ea4  perl-5.8.6-CAN-2004-0976.new.patch

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFDm8/zxou1V/j9XZwRAmTtAJ9lbuulcFXGu6oYQpmdzHYQmvjR8ACg3Zgl
QWHdLDC+o9eYgemJf/REmgE=
=20cK
-----END PGP SIGNATURE-----
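The report above turns on one property of the debugger's rendezvous file: it must live in a directory the invoking (unprivileged) user can create files in, yet not in a directory every local user shares under a predictable name. The following Perl script is an added illustration of that point; it is not code from perl5db.pl, from the Fedora patch, or from the Debian patch the report cites. It classifies candidate directories the way the report describes them (/var/run unwritable for regular users, /tmp shared, the home directory private), and it also goes one step beyond the report by showing the creation pattern that closes the CAN-2004-0976 class of bug regardless of directory: an O_EXCL open with mode 0600, which fails instead of following a pre-planted symlink. The verdict strings, the `.perldbtty$$` name under `$HOME`, and the terminal name `/dev/pts/0` are this example's own choices.

```perl
#!/usr/bin/perl
# Added example for this bug report; not code from perl5db.pl or the patches
# discussed. Shows why the rendezvous file must be in a per-user directory
# and how to create it without a temp-file race.
use strict;
use warnings;
use Fcntl qw(O_WRONLY O_CREAT O_EXCL);

# Judge a candidate directory from the current user's point of view:
#   "unwritable" - only root can create files here (/var/run, the bug)
#   "shared"     - writable, but other users can pre-create or symlink a
#                  predictable name such as perldbtty$$ (/tmp, the CVE)
#   "private"    - writable, owned by this user, not world-writable ($HOME)
sub classify_dir {
    my ($dir) = @_;
    return "missing"    unless defined $dir && -d $dir;
    return "unwritable" unless -w _;          # reuse the stat buffer
    my @st   = stat _;
    my $mode = $st[2] & 07777;
    return "private" if $st[4] == $< && !($mode & 0002);
    return "shared";
}

# Choose the rendezvous path: the user's own home directory, never a shared
# directory. The ".perldbtty$$" name is this example's choice.
sub rendezvous_path {
    my $dir = $ENV{HOME};
    die "no private home directory available for the rendezvous file\n"
        unless classify_dir($dir) eq "private";
    return "$dir/.perldbtty$$";
}

# Create the file atomically. O_EXCL makes the open fail if anything already
# exists at the path (including a symlink planted by another user) rather
# than following it; mode 0600 keeps the terminal name private.
sub create_rendezvous {
    my ($path, $tty) = @_;
    sysopen(my $fh, $path, O_WRONLY | O_CREAT | O_EXCL, 0600)
        or die "cannot create $path: $!\n";
    print {$fh} "$tty\n";
    close($fh) or die "cannot close $path: $!\n";
    return $path;
}

# Run as an ordinary user to see the three verdicts and a file created
# under $HOME. '/dev/pts/0' is a constructed terminal name, not detected.
unless (caller) {
    for my $dir (grep { defined } '/var/run', '/tmp', $ENV{HOME}) {
        printf "%-12s %s\n", $dir, classify_dir($dir);
    }
    my $path = create_rendezvous(rendezvous_path(), '/dev/pts/0');
    print "created $path\n";
    unlink $path or warn "unlink $path: $!\n";
}
```

Running it as root makes every directory look "private" or "shared", which is itself the point of the report: the /var/run choice only looks fine from root's seat.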
Comment 1 David Eisenstein 2005-12-11 02:19:45 EST
Created attachment 122106: Revised patch
Comment 2 David Eisenstein 2005-12-15 03:58:18 EST
This has been fixed in perl-5.8.6-22.

See Fedora Update Notification FEDORA-2005-1144:
<http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00042.html>

Thank you, Jason!
