found 810924 5.22.1-4
forwarded 810924 https://rt.perl.org/Ticket/Display.html?id=127322
tag 810924 patch fixed-upstream pending
thanks
On Thu, Jan 21, 2016 at 05:18:41PM +0000, Mark Hindley wrote:

> In perl 5.22.1 IO::File->new_tmpfile returns a file with mode 0000. Trying to
> reopen this within the same process then fails with permission denied. In perl
> versions prior to this the temporary file has mode 0600.

Thanks. I forwarded this upstream in https://rt.perl.org/Ticket/Display.html?id=127322 but it took them a while to assess potential security implications. In the end those were deemed minor enough that the fix was released without the full security coordination process.

I'm attaching the patch that was applied upstream. This will be in the next Debian upload.

-- 
Niko Tyni [email protected]
>From c7f9fd502e015c6dca18f88c6c972413d2d789b3 Mon Sep 17 00:00:00 2001 From: Niko Tyni <[email protected]> Date: Thu, 21 Jan 2016 18:17:32 +0200 Subject: Fix umask for mkstemp(3) calls With commit v5.21.0-67-g60f7fc1, perl started setting umask to 0600 before calling mkstemp(3), and then restoring it afterwards. This is wrong as it tells open(2) to strip the owner read and write bits from the given mode before applying it, rather than the intended negation of leaving only those bits in place. On modern systems which call open(2) with mode 0600 in mkstemp(3), this clears all the created temporary file permissions. However, any systems that use mode 0666 in mkstemp(3) (like ancient versions of glibc) now create a file with permissions 0066, leaving world read and write permission regardless of current umask. Using umask 0177 instead fixes this. Bug: https://rt.perl.org/Ticket/Display.html?id=127322 Bug-Debian: https://bugs.debian.org/810924 Patch-Name: fixes/mkstemp-umask.diff --- perl.c | 2 +- perlio.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/perl.c b/perl.c index e83f2a6..80a76c2 100644 --- a/perl.c +++ b/perl.c @@ -3765,7 +3765,7 @@ S_open_script(pTHX_ const char *scriptname, bool dosearch, bool *suidscript) const char * const err = "Failed to create a fake bit bucket"; if (strEQ(scriptname, BIT_BUCKET)) { #ifdef HAS_MKSTEMP /* Hopefully mkstemp() is safe here. */ - int old_umask = umask(0600); + int old_umask = umask(0177); int tmpfd = mkstemp(tmpname); umask(old_umask); if (tmpfd > -1) { diff --git a/perlio.c b/perlio.c index b8ee074..c9fed45 100644 --- a/perlio.c +++ b/perlio.c @@ -5027,7 +5027,7 @@ PerlIO_tmpfile(void) char tempname[] = "/tmp/PerlIO_XXXXXX"; const char * const tmpdir = TAINTING_get ? NULL : PerlEnv_getenv("TMPDIR"); SV * sv = NULL; - int old_umask = umask(0600); + int old_umask = umask(0177); /* * I have no idea how portable mkstemp() is ... NI-S */
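Review bot: in the perl.c hunk (S_open_script), the new `umask(0177)` is a bare octal literal whose meaning, a mask of bits to clear rather than a mode to keep, is exactly what the previous `umask(0600)` got wrong; spell it out as `umask(S_IXUSR | S_IRWXG | S_IRWXO)` or a named macro with a one-line comment, so the next reader does not "fix" it back to 0600. Also worth a comment next to "Hopefully mkstemp() is safe here": umask(2) is process-wide state, so between `umask(0177)` and `umask(old_umask)` any other thread calling open(2) or mkdir(2) gets the stricter mask, and a concurrent umask change by another thread is clobbered by the restore; mkstemp(3) offers no per-call mode, so this is the accepted trade-off, but it should be documented as such. The restore being unconditional, before the `tmpfd > -1` check, is correct.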
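Review bot: the perlio.c hunk (PerlIO_tmpfile) repeats the same 0177 literal as the perl.c hunk; both call sites implement one idea (leave only owner read/write on the file mkstemp(3) creates, whether the libc passes 0600 or 0666 to open(2)), so a single shared macro defined once in a header, carrying the 0600-versus-0666 explanation from the commit message, would keep the two from drifting apart again. The shown context also includes the `umask(0177)` before the mkstemp(3) call but not the corresponding `umask(old_umask)` restore; please confirm the restore runs on every exit path of PerlIO_tmpfile, including the failure path, since a leaked 0177 mask would silently make every file the interpreter creates afterwards owner-only.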

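The mask arithmetic the commit message describes, as an added C example that is not part of the patch or of perl's source: `effective_mode` computes the permission bits open(2) leaves after applying a umask, for both the mode-0600 and the mode-0666 mkstemp(3) implementations mentioned in the message, and `mkstemp_mode_under_umask` runs the set/restore pattern from the two hunks around a real mkstemp(3) call and reports the permissions of the file it created. The template path `/tmp/umask_demo_XXXXXX` (with a fallback to the current directory) is this example's own assumption, not perl's.

```c
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <fcntl.h>
#include <sys/types.h>
#include <sys/stat.h>

/* Permission bits open(2) actually sets: the requested mode with every bit
 * present in the umask cleared. umask is a mask of bits to REMOVE, which is
 * why umask(0600) around a mode-0600 open yields 0000 and around a mode-0666
 * open yields 0066 (world read/write), while umask(0177) yields 0600 in both
 * cases. */
static mode_t effective_mode(mode_t requested, mode_t mask)
{
    return (requested & ~mask) & 0777;
}

/* Run the set/restore pattern from the patch around a real mkstemp(3) call and
 * return the permission bits of the file it created, or (mode_t)-1 on failure
 * (including the umask not being restored). The file is removed before return.
 * The template paths are this example's own (hypothetical), not perl's. */
static mode_t mkstemp_mode_under_umask(mode_t mask)
{
    char tmpl[] = "/tmp/umask_demo_XXXXXX";
    char fallback[] = "./umask_demo_XXXXXX";
    char *used = tmpl;
    struct stat st;
    int fd, rc;

    mode_t old = umask(mask);
    fd = mkstemp(tmpl);
    if (fd < 0) {                  /* no writable /tmp: try the cwd instead */
        used = fallback;
        fd = mkstemp(fallback);
    }
    umask(old);                    /* restore unconditionally, as the hunks do */
    if (umask(old) != old)         /* read back: umask(2) returns the previous mask */
        return (mode_t)-1;
    if (fd < 0)
        return (mode_t)-1;

    rc = fstat(fd, &st);
    close(fd);
    unlink(used);
    return rc == 0 ? (st.st_mode & 0777) : (mode_t)-1;
}

int main(void)
{
    static const mode_t libc_modes[] = { 0600, 0666 };  /* modern vs ancient mkstemp */
    static const mode_t masks[]      = { 0600, 0177 };  /* buggy vs fixed umask */
    size_t i, j;

    for (i = 0; i < 2; i++)
        for (j = 0; j < 2; j++)
            printf("mkstemp mode %04o, umask %04o -> file mode %04o\n",
                   (unsigned)libc_modes[i], (unsigned)masks[j],
                   (unsigned)effective_mode(libc_modes[i], masks[j]));

    printf("actual mkstemp(3) under umask 0600: %04o\n",
           (unsigned)mkstemp_mode_under_umask(0600));
    printf("actual mkstemp(3) under umask 0177: %04o\n",
           (unsigned)mkstemp_mode_under_umask(0177));
    return 0;
}
```

On a libc whose mkstemp(3) opens with mode 0600 the 0600 mask produces a 0000 file, which is the "permission denied on reopen" Mark reported; with a libc that uses 0666 the same mask produces 0066. The 0177 mask gives 0600 either way, which is why the patch's choice is independent of the libc.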
