[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#629251: marked as done (release-notes: document that suidperl is no longer available in wheezy)

Your message dated Mon, 23 Jul 2012 22:50:59 +0200
with message-id <20120723205059.GA26016@radis.cristau.org>
and subject line Re: Bug#628042: perl: file creation in suid Perl script no longer works
has caused the Debian Bug report #629251,
regarding release-notes: document that suidperl is no longer available in wheezy
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org

629251: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629251
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: perl
Version: 5.12.3-6
Severity: important

After the upgrade to perl 5.12, a file creation in a suid Perl script
no longer works. AFAIK the perl upgrade isn't supposed to introduce
backward incompatible changes (at least nothing was announced).

My script is the following:

-rwsr-sr-x 1 news news 5535 2006-03-10 13:25:34 /usr/local/bin/rpnews

It contains:

#!/usr/bin/perl -T


$< = $>;  # set real to effective uid

$ENV{'PATH'} = '/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin';

my $news = '/var/spool/news';
my $lock = "$news/rpnews.lock";

open LOCK, ">$lock" or die "$proc: can't create lock file\n$!\n";

and when running it as a normal user, I get the error:

rpnews: can't create lock file
Permission denied
zsh: exit 13    rpnews

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (900, 'testing'), (900, 'stable'), (500, 'oldstable'), (200, 'unstable')
Architecture: powerpc (ppc)

Kernel: Linux 2.6.26-1-powerpc
Locale: LANG=POSIX, LC_CTYPE=en_US.ISO8859-1 (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash

Versions of packages perl depends on:
ii  libbz2-1.0              1.0.5-6          high-quality block-sorting file co
ii  libc6                   2.11.2-7         Embedded GNU C Library: Shared lib
ii  libdb5.1                5.1.25-1         Berkeley v5.1 Database Libraries [
ii  libgdbm3                1.8.3-9          GNU dbm database routines (runtime
ii  perl-base               5.12.3-6         minimal Perl system
ii  perl-modules            5.12.3-6         Core Perl modules
ii  zlib1g                  1: compression library - runtime

Versions of packages perl recommends:
ii  netbase                       4.44       Basic TCP/IP networking system

Versions of packages perl suggests:
ii  libterm-readline-gnu-perl     1.20-1+b2  Perl extension for the GNU ReadLin
ii  libterm-readline-perl-perl    1.0303-1   Perl implementation of Readline li
ii  make                          3.81-8.1   An utility for Directing compilati
ii  perl-doc                      5.12.3-6   Perl documentation

-- no debconf information

--- End Message ---
--- Begin Message ---
On Sat, Jun  4, 2011 at 22:53:16 +0100, Dominic Hargreaves wrote:

> On Fri, May 27, 2011 at 03:04:49PM +0300, Niko Tyni wrote:
> > I think README.Debian and release notes may have to do. Maybe we should
> > bring this up on debian-devel to get other opinions.
> Yes, I agree that this only affects a small minority of users and
> so we shouldn't have a noisy news item.
> I've added a note to README.Debian and cloned this bug to release-notes,
> and am CCing this to -devel for any other opinions.
Added to the release notes for wheezy in

Should be visible soon at


Attachment: signature.asc
Description: Digital signature

--- End Message ---

Reply to: