Subject: Pod::Perldoc can't drop privs on OS X. Reinstate -U? Stop being so paranoid?
Due to a bug in Perl and/or OS X, Pod::Perldoc can't drop privileges, so perldoc can't be used as superuser.
$ sudo perldoc Foo
Superuser must not run /usr/bin/perldoc without security audit and taint checks.
$ uname -a
Darwin windhund.schwern.org 6.4 Darwin Kernel Version 6.4: Wed Jan 29 18:50:42 PST 2003; root:xnu/xnu-344.26.obj~1/RELEASE_PPC Power Macintosh powerpc
This is because the UID of nobody on OS X is -2 for some bizarre reason only Apple knows. getpwnam() gets (rightfully) confused and returns the uid as 2**32-2. Pod::Perldoc tries to setuid to that with no luck.
A cheap workaround for this is to reinstate the -U "run insecurely" flag for which I've supplied a patch.
An even cheaper workaround is to just drop the die statement completely. Of all the places to start being paranoid, perldoc is a pretty odd place to do it. The security audit was added by Tom three years ago with the comment "It's still spaghetti code that deserves to be burnt to ashes."
http://www.xray.mpe.mpg.de/mailing-lists/perl5-porters/2000-03/msg00957.html
http://www.xray.mpe.mpg.de/mailing-lists/perl5-porters/2000-03/msg01011.html
Well, it's been burned to ashes and rebuilt.
--- lib/Pod/Perldoc.pm 2003/04/08 09:59:33 1.1
+++ lib/Pod/Perldoc.pm 2003/04/08 10:00:48
@@ -57,7 +57,7 @@
#
# Option accessors...
-foreach my $subname (map "opt_$_", split '', q{mhlvriFfXqnTd}) {
+foreach my $subname (map "opt_$_", split '', q{mhlvriFfXqnTdU}) {
no strict 'refs';
*$subname = do{ use strict 'refs'; sub () { shift->_elem($subname, @_) } };
}
@@ -119,8 +119,6 @@
exit;
}
-sub opt_U {} # legacy no-op
-
sub opt_t { # choose plaintext as output format
my $self = shift;
$self->opt_o_with('text') if @_ and $_[0];
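Review bot: Removing the "sub opt_U {} # legacy no-op" line changes what -U means for anyone who still passes it from habit or from an old alias or script: the flag was ignored before and will now switch off the superuser check changed in the last hunk. That behaviour change should be called out in the change log so it is not silent.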
@@ -256,6 +254,7 @@
-w formatter_option:option_value
-X use index if present (looks for pod.idx at $Config{archlib})
-q Search the text of questions (not answers) in perlfaq[1-9]
+ -U Run in insecure mode (superuser only)
PageName|ModuleName...
is the name of a piece of documentation that you want to look at. You
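Review bot: The added usage line "-U Run in insecure mode (superuser only)" does not say what is insecure about it. Suggest wording that states the effect, namely that perldoc keeps running as superuser when it cannot drop privileges. This patch only touches the usage text, so if -U is described anywhere else in the documentation, that description needs the same update.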
@@ -1609,7 +1608,7 @@
$> = $id; # effective uid
};
die "Superuser must not run $0 without security audit and taint checks.\n"
- unless !$@ && $< && $>;
+ unless $self->opt_U || (!$@ && $< && $>);
}
return;
}
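Review bot: In the changed "unless" condition, $self->opt_U short-circuits the whole test, so with -U a failed privilege drop (a non-empty $@, or $< and $> still 0) is discarded without any message and the program carries on as superuser. Suggest keeping the die for the case without -U as it is, and with -U emitting a warn that includes $@ whenever (!$@ && $< && $>) is false, so the user can see that privileges were not dropped.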