Re: [perl #127810] Provide -Dfortify_inc Configure option to remove. from @INC

On Thu, Mar 31, 2016 at 05:01:11PM -0700, Todd Rinaldo wrote:
> What I propose is a small patch to perl.c which causes . to be missing
> from @INC unless the environment variable PERL_USE_UNSAFE_INC=1 is
> present. This would only happen based on a Configure question which
> would default to being off so that the default Perl install does not
> change.
> 
> Cpanel currently ships and updates Perl 5.22 along with roughly 900
> perl modules. In the coming version of our product, we will be
> shipping a Perl that does not have . in @INC. These modules are all
> built as RPMs and I consider the RPMs a failed build if their unit
> tests cannot pass. There were about 3 of these 900 modules I had to do
> something weird with (because they were stripping %ENV or just being
> weird themselves). I did this by Simply adding PERL_USE_UNSAFE_INC=1
> in the appropriate places to EU::MM, M::B, M::B::Tiny.
> 
> I am attaching the patches which will provide this option. I have
> updated no documentation yet. I can provide that if I can get some
> agreement for this to merge for 5.25.0 (I assume I've missed the 5.24
> deadline for something like this?)

Yes, 5.25.0 would be the earliest.

I have no objection in principle to something like this, but haven't
looked very closely at your patch yet. However I see that it needs more
work.  Building perl without -Dfortify_inc fails several tests. I've
attached a patch that fixes one issue, but there are still more to fix:

run/runenv.t                                                    (Wstat: 0 Tests: 104 Failed: 1)
  Failed test:  62
porting/checkcfgvar.t                                           (Wstat: 0 Tests: 22 Failed: 11)
  Failed tests:  2, 4, 6, 8, 10, 12, 14, 16, 18, 20, 22
porting/cmp_version.t                                           (Wstat: 0 Tests: 14 Failed: 2)

Also, looking at run/runenv.t, in the test in question the grep swallows
the test description rather than providing it as an arg to is().

I'm not familiar enough with the config system to know whether the
fortify_inc probe should be called d_fortify_inc or something instead,
I also wonder whether the define in config.h should be prefixed with
PERL. 'FORTIFY_INC' is pretty generic and could conceivably clash with
something else.

-- 
No man treats a motor car as foolishly as he treats another human being.
When the car will not go, he does not attribute its annoying behaviour to
sin, he does not say, You are a wicked motorcar, and I shall not give you
any more petrol until you go. He attempts to find out what is wrong and
set it right.
    -- Bertrand Russell,
       Has Religion Made Useful Contributions to Civilization?

• [perl #127810] Provide -Dfortify_inc Configure option to remove .from @INC by Todd Rinaldo via RT
• [perl #127810] Provide -Dfortify_inc Configure option to remove .from @INC by Tony Cook via RT
• [perl #127810] Provide -Dfortify_inc Configure option to remove .from @INC by Todd Rinaldo via RT
• [perl #127810] Provide -Dfortify_inc Configure option to remove .from @INC by Todd Rinaldo
• Re: [perl #127810] Provide -Dfortify_inc Configure option to remove. from @INC by Dave Mitchell
• [perl #127810] Provide -Dfortify_inc Configure option to remove .from @INC by Todd Rinaldo via RT
• [perl #127810] Provide -Dfortify_inc Configure option to remove .from @INC by Father Chrysostomos via RT