In reply to: security patch for Perl 5.6.1
Anyway, here is what I have pulled together about the vulnerabilities for future reference (below is from Debian perl_5.6.1-8.8.diff.gz). I am not so sure if that applies to my Solaris system though.
This is from Debian:
Searching around, this URL from Ubuntu Linux appears helpful.
+ * SECURITY [CAN-2004-0452]: use less permissive chmods in rmtree. + * SECURITY [CAN-2004-0976]: patches from Trustix for insecure temp + file usage (thanks to Joey Hess for analysis). + - Some unsafe examples in the DB_File POD + - Use of hard coded temp file name in ext/IO/t/io_unix.t + - Hardcoded tmp file in ext/ODBM_File/ODBM_File.xs + - Some potentially unsafe examples in POSIX pod + - Hardcoded tmp file path in example of Socket.pm + - Example in Cookie.pm that uses /usr/tmp + - An example in MakeMaker.pm that suggets setting PREFIX=/tmp/myp +erl5 + - Insecure use of /tmp file in ExtUtils/inst + - Insecure use of /tmp file in docs of Shell.pm + - Insecure use of /tmp file in docs of dotsh.pl + - Insecure use of /tmp file in setterm() function of lib/perl5db. +pl + - Insecure use of /tmp file in mpeix/nm + - Insecure use of /tmp file in perly.fixer + - Insecure use of /tmp file in perldbmfilter.pod, perldebug.pod + - Various fixes in the FAQ + - perlfunc.pod, ditto + - perlipc.pod, ditto + - perllexwarn.pod, ditto + - perlobj.pod, ditto + - perlop.pod, ditto + - perlopentut.pod, ditto + - Insecure use of /tmp in utils/c2ph.PL, utils/perlbug.PL
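Review bot: the CAN-2004-0976 item list mixes code that runs on installed systems (setterm() in lib/perl5db.pl, utils/perlbug.PL, utils/c2ph.PL, mpeix/nm, perly.fixer, ext/ODBM_File/ODBM_File.xs) with example text in POD files and the FAQ (DB_File, POSIX, Socket.pm, Cookie.pm, Shell.pm, perlfunc.pod and the rest); split the entry into those two groups so a reader can tell which items are exploitable as shipped and which only matter if someone copies the example into their own code. The MakeMaker.pm item also reads "suggets"; it should say "suggests".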
The second one:
+ * SECURITY UPDATE: fix information/file leakage in File::Path::rmtr +ee() + * lib/File/Path.pm, rmtree(): use chmod 700/600 instead of 777/666 +before + removing files/directories; this will not leave world-readable/wr +iteable + directories and files behind if rmdir/unlink fails somehow and av +oid race + conditions + * References: + CAN-2004-0452
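Review bot: "avoid race conditions" at the end of the rmtree() entry is not supported by the justification the entry itself gives, which is only that 700/600 instead of 777/666 will not leave world-readable/writeable files and directories behind if rmdir/unlink fails; chmod before removal changes what is left over, not whether another process can act between the chmod and the unlink. Either name the specific race that CAN-2004-0452 covers and say how the mode change closes it, or drop that clause and keep the leakage description, which is accurate.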
For some reason, the second one doesn't cover all that is mentioned in Debian, maybe because of the different distro. That's better than nothing, but I am not confident enough to create a patch based on them and test it all out. I am not keen on doing code assessment because this will create redundancy and a lot of work if a future exploit happens.
+ * SECURITY UPDATE: multiple insecure temporary file usages + (Warty bug #2771) + * added patch 03_safe_tmpfiles.patch: + - ext/Devel/PPPort/PPPort.pm: use safe method of create temporary + file + - lib/ExtUtils/instmodsh: use File::Temp to create temporary file + safely + - lib/Memoize/t/{tie.t,tie_gdbm.t,tie_ndbm.t,tie_sdbm.t,tie_stora +ble.t}, + ext/DB_File/t/db-recno.t: create temporary files in current dir +ectory, not + /tmp; these test scripts are only used during package build, so + this + should be safe + * References: + CAN-2004-0976
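Review bot: this 03_safe_tmpfiles.patch entry for CAN-2004-0976 lists only ext/Devel/PPPort/PPPort.pm, lib/ExtUtils/instmodsh, the Memoize tie tests and ext/DB_File/t/db-recno.t, while the Debian entry for the same CAN above also lists setterm() in lib/perl5db.pl, utils/perlbug.PL, utils/c2ph.PL, mpeix/nm, perly.fixer and ext/ODBM_File/ODBM_File.xs; say whether those are fixed elsewhere in this package or why they are out of scope, otherwise a reader comparing the two will assume the Ubuntu fix is incomplete. For the test scripts, "this should be safe" rests on the stated precondition that they run only during package build; make that an explicit statement ("not installed, not run on user systems") rather than a hedge, since moving a fixed file name from /tmp to the current directory is only a fix while that precondition holds.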
Overall, without a patch, we decided to go for the latest Perl because we are going to test it all out anyway in either of the above cases.
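The CAN-2004-0976 fixes quoted above replace hardcoded /tmp names with File::Temp. The following is an added example written for this page, not code from the post or from the Debian/Ubuntu patches; it shows the insecure pattern next to the File::Temp form and a hand-rolled O_EXCL create, so the property that actually matters is visible. The name "myscript" and the function names are illustrative assumptions.

```perl
#!/usr/bin/perl
# Added example (not from the original post or the Debian/Ubuntu patches).
# "myscript" and the function names below are illustrative assumptions.
use strict;
use warnings;
use Fcntl qw(O_WRONLY O_CREAT O_EXCL);
use File::Temp qw(tempfile tempdir);

# Insecure pattern, of the kind the changelogs remove: a predictable name
# under /tmp, opened with a clobbering open(). If an attacker has already
# placed a symlink at that path, the write follows the link and lands in a
# file of their choosing, with this script's privileges.
sub insecure_tmp_write {
    my ($data) = @_;
    my $path = "/tmp/myscript.$$";                     # only the PID varies
    open(my $fh, '>', $path) or die "open $path: $!";  # follows symlinks
    print $fh $data;
    close $fh or die "close $path: $!";
    return $path;
}

# Safe pattern: File::Temp picks an unpredictable name and creates the file
# with O_CREAT|O_EXCL, so an existing file or symlink makes the open fail
# instead of being followed. The file is created mode 0600 and, with
# UNLINK => 1, removed when the program exits.
sub safe_tmp_write {
    my ($data) = @_;
    my ($fh, $path) = tempfile('myscript.XXXXXXXX',
                               TMPDIR => 1,    # $TMPDIR if set, else /tmp
                               UNLINK => 1);   # unlink at program exit
    print $fh $data;
    close $fh or die "close $path: $!";
    return $path;
}

# For code that must use a caller-supplied path: O_EXCL is the property that
# matters, because creation then fails if anything already exists there.
# Returns a filehandle, or undef with $! set.
sub exclusive_create {
    my ($path) = @_;
    sysopen(my $fh, $path, O_WRONLY | O_CREAT | O_EXCL, 0600) or return;
    return $fh;
}

# For tests that need several scratch files (the Memoize / db-recno.t case):
# a private mode-0700 directory, removed with its contents at exit.
sub scratch_dir {
    return tempdir('myscript.XXXXXXXX', TMPDIR => 1, CLEANUP => 1);
}

# Demonstration: only the safe variants are exercised.
my $file = safe_tmp_write("hello\n");
print "wrote $file\n";

my $dir = scratch_dir();
my $fh  = exclusive_create("$dir/state");
die "exclusive create failed: $!" unless $fh;
print $fh "state\n";
close $fh;

# A second exclusive create of the same path must fail; that refusal is
# exactly what defeats a pre-created file or symlink at the target path.
print "second create refused as expected\n" unless exclusive_create("$dir/state");
```

The difference between the two write functions is not the directory but the open: `open '>'` truncates whatever the path resolves to, while `tempfile` and `sysopen` with `O_EXCL` refuse to proceed if the path already exists, which is why the changelog entries that swap a fixed `/tmp` name for File::Temp close the hole rather than just relocating it.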