develooper Front page | perl.perl5.porters | Postings from July 2012

File::Temp issues

Tim Jenness
July 17, 2012 21:12
I've been behind with my File::Temp releases and this is mainly due to a couple of outstanding issues. Since it's part of core I feel I should ask for some advice before making a new release. 

1. In fixing CPAN RT #44924 to ensure that relative paths become absolute (so that you can chdir somewhere else) you end up with tainted temp directories which can't be cleaned up (File::Path::rmtree can't use chdir on them) and can't be used as a base for new temp files (sysopen fails because you now have a tainted root). Cwd explicitly taints the directory so I imagine that checking if the cwd exists and that it contains the new temp directory is not a good thing. Should I die early if you even attempt to use a relative path as a root for a temporary directory if taint checking is on? The problem being that in the current released File::Temp it does work (so long as you don't chdir anywhere). I imagine I have the option of not fixing #44924 when taint mode is enabled.

2. CVE-2011-4116 aka CPAN RT #69106.

The implication here being that every component of the path for the temp file should be checked to see if it's a soft link and, if it is, refuse to create the temp file. Do people concur? Is there a module for doing that reliably, or do I roll my own from File::Spec? Is anyone concerned that this CVE is open?

A side effect of this is a discussion suggesting that File::Temp in its default invocation should put temp files into a subdirectory of File::Spec->tmpdir (using tempdir). 

Comments welcome. I'm at OSCON if anyone there wants to talk about this. There don't seem to be enough people interested in a p5p BoF.

Tim Jenness
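The component-by-component symlink check that item 2 asks about, written out as an added example for this page. It is not code from File::Temp or from the poster; it uses only core modules (File::Spec, File::Temp, Cwd) and the function names path_prefixes, first_symlink_component and safe_tempfile are made up here. The demonstration directories at the bottom are constructed for the run.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use File::Spec;
use File::Temp qw(tempdir tempfile);
use Cwd qw(realpath);

# Every directory prefix of a path, from the top down to the directory
# itself, so /a/b/c yields /a, /a/b, /a/b/c. Relative paths are made
# absolute first so a later chdir cannot change what is being checked.
sub path_prefixes {
    my ($dir) = @_;
    my $abs = File::Spec->rel2abs($dir);
    my ($vol, $dirs) = File::Spec->splitpath($abs, 1);    # no_file => 1
    my @parts = grep { length } File::Spec->splitdir($dirs);
    my (@prefixes, @sofar);
    for my $part (@parts) {
        push @sofar, $part;
        push @prefixes,
            File::Spec->catpath($vol,
                File::Spec->catdir(File::Spec->rootdir, @sofar), '');
    }
    return @prefixes;
}

# lstat (-l) each prefix and return the first one that is a symbolic
# link, or undef when no component of the path is a link.
sub first_symlink_component {
    my ($dir) = @_;
    for my $prefix (path_prefixes($dir)) {
        return $prefix if -l $prefix;
    }
    return undef;
}

# Create a temp file under $dir only when the check passes. File::Temp's
# tempfile() already opens with O_CREAT|O_EXCL, so an existing file or a
# dangling link at the final name is never followed; the prefix check
# closes the remaining gap of a link somewhere higher in the path.
sub safe_tempfile {
    my ($dir) = @_;
    my $bad = first_symlink_component($dir);
    die "refusing to use $dir: $bad is a symbolic link\n" if defined $bad;
    return tempfile(DIR => $dir);
}

# Constructed demonstration: one real directory and one symlink to it.
# realpath() is used because the system temp directory itself can be a
# symlink on some platforms, which the strict check would (correctly)
# reject before we ever reached the subdirectory under test.
my $base = realpath(tempdir(CLEANUP => 1));
my $real = File::Spec->catdir($base, 'real');
my $link = File::Spec->catdir($base, 'link');
mkdir $real          or die "mkdir $real: $!";
symlink $real, $link or die "symlink $link: $!";

my ($fh, $name) = safe_tempfile($real);
print "created $name\n";
close $fh;

eval { safe_tempfile($link) };
print "rejected: $@" if $@;
```

The realpath() step in the demonstration is not a detail to gloss over: it is exactly the policy tension the post describes. On a system whose default tmpdir is itself a symlink, a check that refuses any link component rejects every default location, so a real implementation has to decide whether to resolve the base directory first, to only check components below a trusted base, or to fail loudly.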
