From Bugzilla Helper: User-Agent: Mozilla/4.0 (compatible; MSIE 5.12; Mac_PowerPC) Description of problem: Consider the following perl script print "My uid is $>\n"; $> = 100; print "Now my uid is $>\n"; system("echo 'Hello, world!' > /var/tmp/hworld When run as root, the uid is changed for the perl process, but the file created by the system() call is owned by root. Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1. See above example 2. 3. Actual Results: hworld is owned by root Expected Results: hworld is owned by user 100 Additional info: Linux is the only platform this occurs on. Solaris, DEC Unix, SGI, AIX, Unixware, Mac OS X (BSD) - all create a file owned by the efffective uid of the perl process. This could be a security problem is the root user runs a perl script expecting the files created to be owned by some other user, but instead they are owned by root. If the files were executables, and had the suid bit set, the ownership by root would be a serious problem. This problem is in 7.0 and 7.1 as well.
This is a not a bug in Perl, but a "feature" of bash. Because the argument to system contains shell metacharacters, the argument is passed to /bin/sh, which is bash, for parsing. Bash sees that the effective user id is different than the real user id and it changes back the effective UID to the real UID, thus the child process runs as root and the file's owner is root. Bash won't change the effective UID if the parameter -p is given, so your code will work as expected if you use the following statement: system("/bin/sh", "-p", "-c", "echo 'Hello, world!' > /var/tmp/hworld")
Thanks, Radu. I was able to explain the bug because of this info, and your suggested fix did indeed work on Linux. However, because the script is used on a variety of platforms, and the -p switch isn't recognized by the shells on all of them, I wound up calling the system() function without the redirection characters, and doing the redirection from within Perl. Clearly, this isn't a Perl bug, or a bug at all, actually. It should be closed.
*** Bug 44001 has been marked as a duplicate of this bug. ***
*** Bug 38610 has been marked as a duplicate of this bug. ***