develooper Front page | perl.perl5.porters | Postings from July 2019

[perl #134314] Recommend chdir after chroot more strongly

Thread Previous
From:
Andrew Fresh
Date:
July 27, 2019 04:36
Subject:
[perl #134314] Recommend chdir after chroot more strongly
Message ID:
rt-4.0.24-15724-1564079927-1145.134314-75-0@perl.org
# New Ticket Created by  Andrew Fresh 
# Please include the string:  [perl #134314]
# in the subject line of all future correspondence about this issue. 
# <URL: https://rt.perl.org/Ticket/Display.html?id=134314 >



This is a bug report for perl from andrew@cpan.org,
generated with the help of perlbug 1.41 running under perl 5.30.0.


-----------------------------------------------------------------
[Please describe your issue here]

It recently came up that the documentation for chroot does not recommend calling chdir after strongly enough.  This patch adjusts the NOTE to mention that it is mandatory for security.

https://marc.info/?l=openbsd-misc&m=156406908805913&w=2


[Please do not change anything below this line]
-----------------------------------------------------------------
---
Flags:
    category=docs
    severity=medium
---
Site configuration information for perl 5.30.0:

Configured by root at Thu Jan  1  0:00:00 UTC 1970.

Summary of my perl5 (revision 5 version 30 subversion 0) configuration:
   
  Platform:
    osname=openbsd
    osvers=6.5
    archname=amd64-openbsd
    uname='openbsd'
    config_args='-dsE -Dopenbsd_distribution=defined -Dccflags=-DNO_LOCALE_NUMERIC -DNO_LOCALE_COLLATE -Dmksymlinks'
    hint=recommended
    useposix=true
    d_sigaction=define
    useithreads=undef
    usemultiplicity=undef
    use64bitint=define
    use64bitall=define
    uselongdouble=undef
    usemymalloc=n
    default_inc_excludes_dot=define
    bincompat5005=undef
  Compiler:
    cc='cc'
    ccflags ='-DNO_LOCALE_NUMERIC -DNO_LOCALE_COLLATE -fno-strict-aliasing -fno-delete-null-pointer-checks -pipe -fstack-protector-strong -D_FORTIFY_SOURCE=2 -I/usr/local/include'
    optimize='-O2'
    cppflags='-DNO_LOCALE_NUMERIC -DNO_LOCALE_COLLATE -fno-strict-aliasing -fno-delete-null-pointer-checks -pipe -fstack-protector-strong -I/usr/local/include'
    ccversion=''
    gccversion='4.2.1 Compatible OpenBSD Clang 8.0.0 (tags/RELEASE_800/final)'
    gccosandvers=''
    intsize=4
    longsize=8
    ptrsize=8
    doublesize=8
    byteorder=12345678
    doublekind=3
    d_longlong=define
    longlongsize=8
    d_longdbl=define
    longdblsize=16
    longdblkind=3
    ivtype='long'
    ivsize=8
    nvtype='double'
    nvsize=8
    Off_t='off_t'
    lseeksize=8
    alignbytes=8
    prototype=define
  Linker and Libraries:
    ld='cc'
    ldflags ='-Wl,-E  -fstack-protector-strong -L/usr/local/lib'
    libpth=/usr/lib /usr/lib
    libs=-lm -lc
    perllibs=-lm -lc
    libc=/usr/lib/libc.so.95.1
    so=so
    useshrplib=true
    libperl=libperl.so.20.0
    gnulibc_version=''
  Dynamic Linking:
    dlsrc=dl_dlopen.xs
    dlext=so
    d_dlsymun=undef
    ccdlflags='-Wl,-R/usr/libdata/perl5/amd64-openbsd/CORE'
    cccdlflags='-DPIC -fPIC '
    lddlflags='-shared -fPIC  -fstack-protector-strong -L/usr/local/lib'


---
@INC for perl 5.30.0:
    /usr/local/libdata/perl5/site_perl/amd64-openbsd
    /usr/local/libdata/perl5/site_perl
    /usr/libdata/perl5/amd64-openbsd
    /usr/libdata/perl5

---
Environment for perl 5.30.0:
    HOME=/home/afresh1
    LANG (unset)
    LANGUAGE (unset)
    LD_LIBRARY_PATH (unset)
    LOGDIR (unset)
    PATH=/home/afresh1/.plenv/libexec:/home/afresh1/.plenv/plugins/perl-build/bin:/home/afresh1/.plenv/shims:/home/afresh1/.plenv/bin:/home/afresh1/bin:/home/afresh1/bin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/X11R6/bin:/usr/local/bin:/usr/local/sbin:/usr/games:.:/usr/ports/infrastructure/bin
    PERL_BADLANG (unset)
    SHELL=/bin/ksh

Thread Previous


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About