Skip Menu |

This queue is for tickets about the Monitoring-GLPlugin CPAN distribution.

Report information
The Basics
Id: 116130
Status: open
Priority: 0/
Queue: Monitoring-GLPlugin
People
Owner: Nobody in particular
Requestors: ANDK [...] cpan.org
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: 2.2.0.1
Fixed in: (no value)

History Show all quoted text
  Wed Jul 13 22:02:20 2016 ANDK [...] cpan.org - Ticket created
Subject: Test generates predictable filename in /tmp
As per subject. Filename is /tmp/device::uptime_test May I suggest that this be amended to use File::Temp to produce (1) unpredictable files? Predictable filenames in /tmp have rather nasty security implications when people run the tests as root so should be avoided. You can read up on the topic at http://www.linuxsecurity.com/content/view/115462/151/ Besides that, File::Temp can clean up when the test is done and it would prevent that parallel running tests disturb each other. Thanks!
  Wed Oct 12 11:36:08 2016 DCOLLINS [...] cpan.org - Correspondence added
On Wed Jul 13 22:02:20 2016, ANDK wrote: Show quoted text
> As per subject. Filename is /tmp/device::uptime_test > > May I suggest that this be amended to use File::Temp to produce (1) > unpredictable files? > > Predictable filenames in /tmp have rather nasty security implications > when people run the tests as root so should be avoided. You can read > up on the topic at > http://www.linuxsecurity.com/content/view/115462/151/ > > Besides that, File::Temp can clean up when the test is done and it > would prevent that parallel running tests disturb each other. > > Thanks!
Hello, Please consider fixing this bug which currently causes your testsuite to fail consistently and cryptically. All that is necessary is to replace the hardcoded file with a random name generated by File::Temp, or alternately, to create that file within a temporary directory with a random name.
  Wed Oct 12 11:36:08 2016 The RT System itself - Status changed from 'new' to 'open'