develooper Front page | perl.perl5.porters | Postings from May 2010

[perl #75212] uid+euid assignment no longer works due to delaymagic changes

Thread Next
From:
mls @ suse . de
Date:
May 20, 2010 07:06
Subject:
[perl #75212] uid+euid assignment no longer works due to delaymagic changes
Message ID:
rt-3.6.HEAD-4976-1274359046-560.75212-75-0@perl.org
# New Ticket Created by  mls@suse.de 
# Please include the string:  [perl #75212]
# in the subject line of all future correspondence about this issue. 
# <URL: http://rt.perl.org/rt3/Ticket/Display.html?id=75212 >


This is a bug report for perl from mls@suse.de,
generated with the help of perlbug 1.39 running under perl 5.12.0.


-----------------------------------------------------------------
[Please describe your issue here]

perl-5.10.0 used the delyamagic mechanism to translate a
    ($<, $>) = (99, 99);
assignment into one single setreuid() syscall. As of commit
90630e3c741716305d7f1da4df5eab5c1bee42cc this no longer works,
as delaymagic is cleared before calling mg_set().

As a result, perl first does the uid and then the euid assignment,
which may result in a suddenly tainted perl.

You can see the difference by running
    perl -e '($<, $>) = (99, 99); system `echo /bin/true`'
as root in perl-5.10.0 and perl-5.12.0.

[Please do not change anything below this line]
-----------------------------------------------------------------
---
Flags:
    category=core
    severity=low
---
This perlbug was built using Perl 5.12.0 - Sun Apr 25 15:35:33 UTC 2010
It is being executed now by  Perl 5.12.0 - Sun Apr 25 15:20:39 UTC 2010.

Site configuration information for perl 5.12.0:

Configured by abuild at Sun Apr 25 15:20:39 UTC 2010.

Summary of my perl5 (revision 5 version 12 subversion 0) configuration:
   
  Platform:
    osname=linux, osvers=2.6.32, archname=x86_64-linux-thread-multi
    uname='linux adams 2.6.32 #1 smp 2010-04-21 09:23:49 +0200 x86_64 x86_64 x86_64 gnulinux '
    config_args='-ds -e -Dprefix=/usr -Dvendorprefix=/usr -Dinstallusrbinperl -Dusethreads -Di_db -Di_dbm -Di_ndbm -Di_gdbm -Duseshrplib=true -Doptimize=-fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -g -Wall -pipe -Accflags=-DPERL_USE_SAFE_PUTENV'
    hint=recommended, useposix=true, d_sigaction=define
    useithreads=define, usemultiplicity=define
    useperlio=define, d_sfio=undef, uselargefiles=define, usesocks=undef
    use64bitint=define, use64bitall=define, uselongdouble=undef
    usemymalloc=n, bincompat5005=undef
  Compiler:
    cc='cc', ccflags ='-D_REENTRANT -D_GNU_SOURCE -DPERL_USE_SAFE_PUTENV -DDEBUGGING -fno-strict-aliasing -pipe -fstack-protector -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64',
    optimize='-fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -g -Wall -pipe',
    cppflags='-D_REENTRANT -D_GNU_SOURCE -DPERL_USE_SAFE_PUTENV -DDEBUGGING -fno-strict-aliasing -pipe -fstack-protector'
    ccversion='', gccversion='4.5.0 20100414 (prerelease) [gcc-4_5-branch revision 158342]', gccosandvers=''
    intsize=4, longsize=8, ptrsize=8, doublesize=8, byteorder=12345678
    d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=16
    ivtype='long', ivsize=8, nvtype='double', nvsize=8, Off_t='off_t', lseeksize=8
    alignbytes=8, prototype=define
  Linker and Libraries:
    ld='cc', ldflags =' -L/usr/local/lib64 -fstack-protector'
    libpth=/lib64 /usr/lib64 /usr/local/lib64
    libs=-lm -ldl -lcrypt -lpthread
    perllibs=-lm -ldl -lcrypt -lpthread
    libc=/lib64/libc-2.11.1.so, so=so, useshrplib=true, libperl=libperl.so
    gnulibc_version='2.11.1'
  Dynamic Linking:
    dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-Wl,-E -Wl,-rpath,/usr/lib/perl5/5.12.0/x86_64-linux-thread-multi/CORE'
    cccdlflags='-fPIC', lddlflags='-shared -L/usr/local/lib64 -fstack-protector'

Locally applied patches:
    

---
@INC for perl 5.12.0:
    /usr/lib/perl5/site_perl/5.12.0/x86_64-linux-thread-multi
    /usr/lib/perl5/site_perl/5.12.0
    /usr/lib/perl5/vendor_perl/5.12.0/x86_64-linux-thread-multi
    /usr/lib/perl5/vendor_perl/5.12.0
    /usr/lib/perl5/5.12.0/x86_64-linux-thread-multi
    /usr/lib/perl5/5.12.0
    .

---
Environment for perl 5.12.0:
    HOME=/suse/mls
    LANG (unset)
    LANGUAGE (unset)
    LC_COLLATE=POSIX
    LC_CTYPE=de_DE@euro
    LD_LIBRARY_PATH (unset)
    LOGDIR (unset)
    PATH=/suse/mls/bin:/usr/local/bin:/usr/bin:/usr/sbin:/sbin:/usr/X11R6/bin:/bin:/usr/lib/java/bin:/usr/games/bin:/usr/games:/opt/gnome/bin:/opt/kde/bin:/usr/openwin/bin:/opt/pilotsdk/bin:/suse/mls/korn
    PERL_BADLANG (unset)
    SHELL=/bin/tcsh
Thread Next

nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About