You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@perl.apache.org by Stas Bekman <st...@stason.org> on 2004/11/06 01:50:53 UTC
[mp2] smoke failure in t/apr/perlio.t
t/SMOKE has revealed a problem with the following run:
t/TEST -v -maxclients 1 t/apache/read.t t/hooks/authz.t t/modperl/pnotes.t
t/error/runtime.t t/apr/perlio.t
The error is:
[Fri Nov 05 19:44:51 2004] [error] [client 127.0.0.1] Insecure dependency
in open while running setgid at
/home/stas/apache.org/mp2-cvs/t/response/TestAPR/perlio.pm line 55.
The nasty things that we have seen before, which happens after
Perl_croak() in t/error/runtime.t. Not sure why 3 more tests needed before
to get this reproduced.
What is it that perlsec wants to make perl happy? (I think it's a bug in
perl.)
--
__________________________________________________________________
Stas Bekman JAm_pH ------> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:stas@stason.org http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org http://ticketmaster.com
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@perl.apache.org
For additional commands, e-mail: dev-help@perl.apache.org
Re: [mp2] smoke failure in t/apr/perlio.t
Posted by Stas Bekman <st...@stason.org>.
Stas Bekman wrote:
> Stas Bekman wrote:
>
>> t/SMOKE has revealed a problem with the following run:
>>
>> t/TEST -v -maxclients 1 t/apache/read.t t/hooks/authz.t
>> t/modperl/pnotes.t t/error/runtime.t t/apr/perlio.t
>>
>> The error is:
>>
>> [Fri Nov 05 19:44:51 2004] [error] [client 127.0.0.1] Insecure
>> dependency in open while running setgid at
>> /home/stas/apache.org/mp2-cvs/t/response/TestAPR/perlio.pm line 55.
>>
>> The nasty things that we have seen before, which happens after
>> Perl_croak() in t/error/runtime.t. Not sure why 3 more tests needed
>> before to get this reproduced.
>>
>> What is it that perlsec wants to make perl happy? (I think it's a bug
>> in perl.)
>
>
> it's still there, another sequence found with t/SMOKE with worker.
>
> t/TEST t/protocol/echo_bbs2.t t/apr/flatten.t
> t/filter/out_str_subreq_default.t t/error/runtime.t t/apr/perlio.t
both fixed in r122973:
replace the added in 1.99_17 code on resetting/restoring PL_tainted,
with explicit reset before and after each each callback. This solves a
complicated tainting issues caused when perl exception object is
thrown. rgs suggested that it should be safe, similar to perl's own
pp_nextstate which says: /* Each statement is presumed innocent */
[Stas]
--
__________________________________________________________________
Stas Bekman JAm_pH ------> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:stas@stason.org http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org http://ticketmaster.com
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@perl.apache.org
For additional commands, e-mail: dev-help@perl.apache.org
Re: [mp2] smoke failure in t/apr/perlio.t
Posted by Stas Bekman <st...@stason.org>.
Stas Bekman wrote:
> t/SMOKE has revealed a problem with the following run:
>
> t/TEST -v -maxclients 1 t/apache/read.t t/hooks/authz.t
> t/modperl/pnotes.t t/error/runtime.t t/apr/perlio.t
>
> The error is:
>
> [Fri Nov 05 19:44:51 2004] [error] [client 127.0.0.1] Insecure
> dependency in open while running setgid at
> /home/stas/apache.org/mp2-cvs/t/response/TestAPR/perlio.pm line 55.
>
> The nasty things that we have seen before, which happens after
> Perl_croak() in t/error/runtime.t. Not sure why 3 more tests needed
> before to get this reproduced.
>
> What is it that perlsec wants to make perl happy? (I think it's a bug in
> perl.)
it's still there, another sequence found with t/SMOKE with worker.
t/TEST t/protocol/echo_bbs2.t t/apr/flatten.t
t/filter/out_str_subreq_default.t t/error/runtime.t t/apr/perlio.t
--
__________________________________________________________________
Stas Bekman JAm_pH ------> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:stas@stason.org http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org http://ticketmaster.com
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@perl.apache.org
For additional commands, e-mail: dev-help@perl.apache.org