Bug#629251: marked as done (release-notes: document that suidperl is no longer available in wheezy)

To: Julien Cristau <jcristau@debian.org>
Subject: Bug#629251: marked as done (release-notes: document that suidperl is no longer available in wheezy)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Mon, 23 Jul 2012 20:54:10 +0000
Message-id: <[🔎] handler.629251.D629251.134307666410973.ackdone@bugs.debian.org>
References: <20120723205059.GA26016@radis.cristau.org> <20110526160928.GA876@ay.vinc17.org>

Your message dated Mon, 23 Jul 2012 22:50:59 +0200
with message-id <20120723205059.GA26016@radis.cristau.org>
and subject line Re: Bug#628042: perl: file creation in suid Perl script no longer works
has caused the Debian Bug report #629251,
regarding release-notes: document that suidperl is no longer available in wheezy
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
629251: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629251
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: perl: file creation in suid Perl script no longer works
From: Vincent Lefevre <vincent@vinc17.net>
Date: Thu, 26 May 2011 18:09:28 +0200
Message-id: <20110526160928.GA876@ay.vinc17.org>

Package: perl
Version: 5.12.3-6
Severity: important

After the upgrade to perl 5.12, a file creation in a suid Perl script
no longer works. AFAIK the perl upgrade isn't supposed to introduce
backward incompatible changes (at least nothing was announced).

My script is the following:

-rwsr-sr-x 1 news news 5535 2006-03-10 13:25:34 /usr/local/bin/rpnews

It contains:

#!/usr/bin/perl -T

[...]

$< = $>;  # set real to effective uid

$ENV{'PATH'} = '/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin';

my $news = '/var/spool/news';
my $lock = "$news/rpnews.lock";

open LOCK, ">$lock" or die "$proc: can't create lock file\n$!\n";

and when running it as a normal user, I get the error:

rpnews: can't create lock file
Permission denied
zsh: exit 13    rpnews

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (900, 'testing'), (900, 'stable'), (500, 'oldstable'), (200, 'unstable')
Architecture: powerpc (ppc)

Kernel: Linux 2.6.26-1-powerpc
Locale: LANG=POSIX, LC_CTYPE=en_US.ISO8859-1 (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash

Versions of packages perl depends on:
ii  libbz2-1.0              1.0.5-6          high-quality block-sorting file co
ii  libc6                   2.11.2-7         Embedded GNU C Library: Shared lib
ii  libdb5.1                5.1.25-1         Berkeley v5.1 Database Libraries [
ii  libgdbm3                1.8.3-9          GNU dbm database routines (runtime
ii  perl-base               5.12.3-6         minimal Perl system
ii  perl-modules            5.12.3-6         Core Perl modules
ii  zlib1g                  1:1.2.3.4.dfsg-3 compression library - runtime

Versions of packages perl recommends:
ii  netbase                       4.44       Basic TCP/IP networking system

Versions of packages perl suggests:
ii  libterm-readline-gnu-perl     1.20-1+b2  Perl extension for the GNU ReadLin
ii  libterm-readline-perl-perl    1.0303-1   Perl implementation of Readline li
ii  make                          3.81-8.1   An utility for Directing compilati
ii  perl-doc                      5.12.3-6   Perl documentation

-- no debconf information

--- End Message ---

--- Begin Message ---

To: Dominic Hargreaves <dom@earth.li>, 629251-done@bugs.debian.org

Subject: Re: Bug#628042: perl: file creation in suid Perl script no longer works

From: Julien Cristau <jcristau@debian.org>

Date: Mon, 23 Jul 2012 22:50:59 +0200

Message-id: <20120723205059.GA26016@radis.cristau.org>

In-reply-to: <20110604215316.GT29167@urchin.earth.li>

References: <20110526160928.GA876@ay.vinc17.org> <20110527103357.GG29655@urchin.earth.li> <20110527120449.GA11787@madeleine.local.invalid> <20110604215316.GT29167@urchin.earth.li>
On Sat, Jun  4, 2011 at 22:53:16 +0100, Dominic Hargreaves wrote:

> On Fri, May 27, 2011 at 03:04:49PM +0300, Niko Tyni wrote:
> > I think README.Debian and release notes may have to do. Maybe we should
> > bring this up on debian-devel to get other opinions.
> 
> Yes, I agree that this only affects a small minority of users and
> so we shouldn't have a noisy news item.
> 
> I've added a note to README.Debian and cloned this bug to release-notes,
> and am CCing this to -devel for any other opinions.
> 
Added to the release notes for wheezy in
http://anonscm.debian.org/viewvc/ddp/manuals/trunk/release-notes/en/issues.dbk?r1=9265&r2=9266

Should be visible soon at
http://www.debian.org/releases/wheezy/amd64/release-notes/ch-information.en.html

Cheers,
Julien
Attachment: signature.asc
Description: Digital signature

--- End Message ---

Reply to:

Prev by Date: Re: wheezy release notes
Next by Date: Re: wheezy release notes
Previous by thread: Re: wheezy release notes
Next by thread: Bug#668668: marked as done (Add upgrade pointers for Request Tracker)
Index(es):
- Date
- Thread