Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=175467

           Summary: [patch] Bug in perl-5.8.6-CAN-2004-0976.patch; revised patch
           Product: Fedora Core
           Version: fc4
          Platform: All
               URL: http://www.redhat.com/archives/fedora-announce-list/2005-November/msg00055.html
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: normal
         Component: perl
        AssignedTo: jvdias@xxxxxxxxxx
        ReportedBy: deisenst@xxxxxxx
         QAContact: dkl@xxxxxxxxxx
                CC: fedora-perl-devel-list@xxxxxxxxxx


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Description of problem:

There is a bug in the CAN-2004-0976 patch applied to the two most recent releases of FC4's perl-5.8.6, file 'perl-5.8.6-CAN-2004-0976.patch' in the .src.rpm.

As you already know, this patch, appearing to be based on the OWL/solartemp patch, exists to fix insecure temporary file vulnerabilities, especially in code or documentation that opens (or talks about opening) files insecurely in the /tmp directory. In the parts of the patch that change perl pod docs, solardesigner changes "/tmp" to "/var/run" all over the place.

The portion of the patch that concerns me is for the perl debugger, perl-5.8.6/lib/perl5db.pl. This patch changes the file "/tmp/perldbtty$$" to "/var/run/perldbtty$$". This is the file used to tell Term::Rendezvous what terminal to use when the debugger is running in NonStop mode and needs a break. The problem is, regular users have no way to create or change a file in directory /var/run; only root can do this.

I have attached an updated 'perl-5.8.6-CAN-2004-0976.patch' file that fixes this problem, patching perl5db.pl much like Debian has in their patch called "09_fix_insecure_tempfiles", gleaned from their <http://ftp.debian.org/debian/pool/main/p/perl/perl_5.8.4-8.diff.gz>.
The attached patch also has the benefit of changing the modified lines to pretty well match the upstream perl-5.8.7 for the same lines.

Version-Release number of selected component (if applicable):
perl-5.8.6-18.src.rpm

SHA1SUM of attachment:
72ea05dd629a65ce6dacdd92f6096bf7d9b31ea4  perl-5.8.6-CAN-2004-0976.new.patch

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFDm8/zxou1V/j9XZwRAmTtAJ9lbuulcFXGu6oYQpmdzHYQmvjR8ACg3Zgl
QWHdLDC+o9eYgemJf/REmgE=
=20cK
-----END PGP SIGNATURE-----

------- Additional Comments From deisenst@xxxxxxx  2005-12-11 02:19 EST -------
Created an attachment (id=122106)
 --> (https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=122106&action=view)
Revised patch

--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
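A worked illustration of the point the report makes, added here as an example and not code taken from perl5db.pl, from the Red Hat patch or from the Debian patch. It models a rendezvous-file choice that an unprivileged user can actually use: an explicit PERLDB_NOTTY environment override, otherwise a user-owned file under $HOME, never /var/run (root-only) and never a predictable name in world-writable /tmp. The names `rendezvous_path`, `create_rendezvous_file` and `dir_writable_by_me` are hypothetical helpers for this example; the `.perldbtty$$`-under-$HOME layout and the PERLDB_NOTTY variable are assumed here rather than quoted from upstream.

```perl
#!/usr/bin/perl
# Added illustration, not code from perl5db.pl or either patch. It shows why
# /var/run cannot work for ordinary users and how to create the file that
# tells Term::Rendezvous which tty to use without the classic /tmp symlink race.
use strict;
use warnings;
use Fcntl qw(O_WRONLY O_CREAT O_EXCL);

# Hypothetical helper (not a perl5db.pl API): choose where the rendezvous
# file goes. An explicit PERLDB_NOTTY wins; otherwise use the user's home,
# which the user can always write to, unlike /var/run.
sub rendezvous_path {
    my ($pid) = @_;
    return $ENV{PERLDB_NOTTY}
        if defined $ENV{PERLDB_NOTTY} && length $ENV{PERLDB_NOTTY};
    my $home = $ENV{HOME};
    die "HOME is unset or not a directory; no safe place for the rendezvous file\n"
        unless defined $home && -d $home;
    return "$home/.perldbtty$pid";    # per-user directory, user-owned
}

# Create the file with O_CREAT|O_EXCL: if anything already exists at that
# path (e.g. a symlink planted by another local user, the attack CAN-2004-0976
# is about), the open fails instead of following it. Mode 0600 keeps the tty
# name private to the owner.
sub create_rendezvous_file {
    my ($path, $tty) = @_;
    sysopen(my $fh, $path, O_WRONLY | O_CREAT | O_EXCL, 0600)
        or die "refusing to use $path: $!\n";
    print {$fh} "$tty\n" or die "write $path: $!\n";
    close($fh)           or die "close $path: $!\n";
    return $path;
}

# Can the effective uid create entries in this directory? For a regular user
# this answers 'no' for /var/run, which is the defect described in the report.
sub dir_writable_by_me {
    my ($dir) = @_;
    return ( -d $dir && -w $dir ) ? 1 : 0;
}

# Constructed input: the terminal name to record (the real debugger would
# record the terminal it wants Term::Rendezvous to attach to).
my $tty = @ARGV ? $ARGV[0] : '/dev/tty';

for my $dir ( grep { defined } '/var/run', '/tmp', $ENV{HOME} ) {
    printf "%-12s writable by euid %d: %s\n",
        $dir, $>, dir_writable_by_me($dir) ? 'yes' : 'no';
}

my $path = create_rendezvous_file( rendezvous_path($$), $tty );
print "recorded tty '$tty' in $path\n";

# Cleanup for this demo only; the real debugger keeps the file around until
# Term::Rendezvous has read it.
unlink $path or warn "unlink $path: $!\n";
```

Run as a non-root user, the directory check prints 'no' for /var/run and 'yes' for $HOME, and the O_EXCL open is what turns a pre-planted symlink from a silent overwrite into a hard failure; running it a second time while the file still exists demonstrates the same refusal.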