Bug 199514 - suidperl segfaults when different version of perl/suidperl is installed.
suidperl segfaults when different version of perl/suidperl is installed.
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: perl (Show other bugs)
5
All Linux
low Severity low
: ---
: ---
Assigned To: Jason Vas Dias
David Lawrence
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-07-19 22:47 EDT by Mike McGrath
Modified: 2007-11-30 17:11 EST (History)
1 user (show)

See Also:
Fixed In Version: 5.8.8-6
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-10-16 09:35:45 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Mike McGrath 2006-07-19 22:47:04 EDT
Description of problem:
suidperl segfaults when different version of perl/suidperl is installed.  This
is kind of a no-duh but I recently installed perl-suidperl without updating
perl.  I believe I had version 5.8.8-4 of perl and 5.8.8-5 of perl-suidperl. 
When running suidperl as a non-root user I'd get a segfault.  An strace listed
some files that could not be found.

After updating perl the error went away.  Might be a good idea to have suidperl
require perl-%{version}-%{release}.  Incredibly minor but thought I'd mention it.
Comment 1 Jason Vas Dias 2006-07-25 19:34:42 EDT
Aha, I see the problem - the perl-suidperl sub-package has always specified:
 'Requires: perl = %{epoch}:%{version}-%{release}
 '
But the perl main package has always specified:
 '# By definition of 'do' (see 'man perlfunc') this package provides all
  # versions of perl previous to it.
  Provides: perl <= %{epoch}:%{version}
 '
So any perl package Provides: all previous versions of perl, so RPM allows
a previous version of perl to be installed when a later perl-suidperl version
is installed.

I guess the perl main package should specify something like:
 'Provides: libperl = %{epoch}:%{version}-%{release}
 '
and the perl-setuid sub-package should specify:
 'Requires: libperl = %{epoch}:%{version}-%{release}
 '

This fix is now in CVS and will go into the next release.

Note You need to log in before you can comment on or make changes to this bug.