Front page | perl.perl5.porters |
Postings from February 2004
On Sun, Feb 01, 2004 at 09:18:16PM +0000, Dave Mitchell wrote:
> On Sun, Feb 01, 2004 at 11:40:05PM +0300, Solar Designer wrote:
> > On Sun, Feb 01, 2004 at 03:41:34PM +0000, Dave Mitchell wrote:
> > > utils/perlbug.PL
> > >
> > > This is designed to run on old 5.005 syststems, and as such it can't
> > > rely on File::Temp, so I didn't apply this one.
> >
> > Hmm. Perhaps I am missing something, but why does the version of
> > perlbug included in recent versions of Perl need to work with some
> > other version? The unpatched perlbug has a race (a security hole).
>
> Because someone trying but failing to install a newer version of
> Perl on a system can do
>
> /usr/bin/old-working-perl newperl-installdir/bin/perlbug ...
>
> But yes, it needs fixing somehow.
Also you may run perlbug like that if you have more than one version of perl
installed and you want to report a bug in /usr/bin/old-working-perl
If over time you install 5.5.x, 5.6.x, 5.8.x, then /usr/bin/perlbug will
no longer the one installed at the same time as /usr/bin/perl5.00503
(/usr/bin/perl5.00503 isn't deleted when /usr/bin/perl5.8.3 is installed)
From memory, I think that that the intent of specific patch hunk could be
applied by doing eval { require File::Temp }, and falling back to the older
unsafe code if the File::Temp module is not available.
Nicholas Clark
Thread Previous
|
Thread Next