perl.perl5.porters | Postings from July 2013

Re: FW: Localizing %SIG in Safe.pm 2.{35,36,37} crashes POE::Wheel::Run ...

From:
Rafael Garcia-Suarez
Date:
July 17, 2013 07:31
Subject:
Re: FW: Localizing %SIG in Safe.pm 2.{35,36,37} crashes POE::Wheel::Run ...
Message ID:
CAMoYMM8vFSurnOZ2z6GQ-ORThAAU1F1hEM-ViQn87TAq9XBfkQ@mail.gmail.com
Hi all
Breaking out of a Safe compartment is all about compiling code that will
be executed later. It happens that there are working exploits that use
a combination of %SIG and eval inside the safe-evaled block to execute
such compilations; then arbitrary commands can be run on any signal
received by the process that compiled the safe compartment.

(I repeat it again -- without this fix it's possible to make perl
execute `rm -fr /` through code passed to Safe. So the fix stays.)

The fix I put in Safe was to simply wipe out %SIG in the Safe
compartment. In theory that should not have been necessary, since %SIG
is not shared between %main:: and the Safe root stash, but that's
apparently not how the perl internals work; so, to have a fix
back-portable to older perls, I did not find any other way. If
someone wants to investigate, I'll be happy to provide details...

Also I'd like to understand why you need to set signal handlers in a
Safe compartment. As far as I can tell this has only ever worked by
accident.

On 16 July 2013 18:00, Markus Jansen <markus.jansen@ericsson.com> wrote:
> Hi,
>
> FYI ... hope none of you wastes time with this really nasty trap ...
>
> Best regards,
>         Markus
>
> -----Original Message-----
> From: Markus Jansen
> Sent: Tuesday, July 16, 2013 5:57 PM
> To: perlbug@perl.org
> Cc: Markus Jansen
> Subject: Localizing %SIG in Safe.pm 2.{35,36,37} crashes POE::Wheel::Run ...
>
>
> This is a bug report for perl from markus.jansen@ericsson.com, generated with the help of perlbug 1.39 running under perl 5.18.0.
>
>
> -----------------------------------------------------------------
> [Please describe your issue here]
>
> Dear Perl5 Porters,
>
> localizing %SIG in Safe.pm 2.35 (on CPAN, 2.{35,36,37} in Perl core) may be a great step for security, but it unfortunately spoils POE::Wheel::Run (basically POE and all other asynchronous frameworks dealing with external processes).
>
> The symptom experienced is that your application might sooner or later crash (reliably when using POE::Component::Resolver upon exiting a Sidecar subprocess) with the following famous last words:
>
>         Signal SIGCHLD received, but no signal handler set.
>
> Please consider a version (also on CPAN) of Safe.pm which has e.g. the localization of %SIG as a switchable feature.
>
> Best regards,
>         Markus
>
>
>
> [Please do not change anything below this line]
> -----------------------------------------------------------------
> ---
> Flags:
>     category=library
>     severity=critical
>     module=Safe
> ---
> Site configuration information for perl 5.18.0: