| Subject: | fails in taint mode |
when using Daemon::Simple in a script with taint checks turned on, using
the 'stop' command fails with:
Insecure dependency in kill while running with -T switch at
/usr/local/share/perl/5.8.8/Daemon/Simple.pm line 104.
I've included a patch that does a simple check to make sure we've
received an integer from the pid file.
| Subject: | daemon-simple.patch |
--- /usr/local/share/perl/5.10.0/Daemon/Simple.pm 2008-07-31 20:20:36.000000000 -0700
+++ /tmp/Simple.pm 2009-01-20 13:32:39.000000000 -0800
@@ -83,7 +83,8 @@ sub get_pidfile
return 0 unless( -e$pidfile );
open(FILE, "$pidfile");
my $pid = <FILE>;
- chomp($pid);
+ die "Unexpected PID in $pidfile" unless $pid =~ /^(\d+)$/;
+ $pid = $1;
close(FILE);
return $pid;
}