2010/4/21 Torsten Förtsch <torsten.foert...@gmx.net>:
> But now, ServerRoot, DocumentRoot etc might not be read/writable by the user.
> Stas tried to solve that by chowning or chmoding our files. Still the tests
> can fail if the current directory is not accessible by the unprivileged user
> because some parent directory is forbidden.

That's correct, in most cases cpan unpacks the distribution in the
/root directory which is not readable by unprivileged users.

> Why not create a temp dir as the unprivileged user (using File::Temp, so the
> base path can be adjusted via $ENV{TMPDIR}) and copy all the stuff needed by
> Apache there.
>
> Assuming that the stuff that needs to be copied is all in t and perhaps blib
> these directories can even be symlinked (or "mount --bind"ed on linux) back to
> the current directory.

My concern here is that the code to help users run the tests as root
is already quite complicated.  And it requires manual intervention by
the user in some cases, and if the process fails partway through, the
operations are not atomic.  So if the user or some other process
cancels the test partway through, you have files accessible by any
user in root directory space.

I checked in a fix for the failing tests that spurred this effort (one
that is quite simple), so the original goal of this patch has been
achieved.  But after spending time in the code dealing with the issues
that arise from running the tests as root, it seems that from a
security, simplicity, and maintainability angle just not allowing
root to run the tests is the cleanest solution.

Bear in mind that when Stas wrote that code, he was funded by
Ticketmaster full time for two years.  So he had the time and
resources to develop a solution for this edge case, but it still
requires more work to be done to get it working hands free.  The edge
case of root running the tests is small enough that I think it just
needs to go away so we can focus on other issues which are more
critical and widely used.

>> +sub is_root {
>> +    my $user = getpwuid($>) || '';
>> +
>> +    return unless $user eq 'root';
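
Review bot: is_root decides on the account name rather than the uid, via getpwuid($>) || '' followed by the eq 'root' comparison. If the passwd lookup returns nothing, the '' fallback makes the function return false even when the effective uid is 0, and a uid-0 account under any other name is missed as well. Comparing $> == 0 directly covers both cases and removes the lookup.
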
>
> why not C<< $>==0 >>?
>
> This is what apache checks, not the name.

I took this style from the existing Apache::Test code.  So there are
several ways to do it, but this way is already established in the
existing code.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@perl.apache.org
For additional commands, e-mail: dev-h...@perl.apache.org
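
The failure discussed in this message (a distribution unpacked under /root whose parent directories the unprivileged user cannot enter) can be diagnosed before the tests start. The following is an added example, not Apache::Test code and not part of the original thread; the function name blocked_ancestors and the default account name 'nobody' are assumptions.

```perl
use strict;
use warnings;
use Cwd qw(abs_path getcwd);
use File::Spec;

# Return the ancestors of $dir (root first, $dir included) that $user
# cannot traverse. Only owner/group/other mode bits are checked; ACLs
# and other access-control layers are ignored.
sub blocked_ancestors {
    my ($dir, $user) = @_;
    my ($uid, $gid) = (getpwnam($user))[2, 3];
    die "unknown user '$user'\n" unless defined $uid;
    return () if $uid == 0;    # uid 0 bypasses directory search checks

    # Primary group plus every group that lists the user as a member.
    my %gids = ($gid => 1);
    setgrent();
    while (my @gr = getgrent()) {
        $gids{$gr[2]} = 1 if grep { $_ eq $user } split ' ', $gr[3];
    }
    endgrent();

    my $abs = abs_path($dir);
    die "cannot resolve '$dir'\n" unless defined $abs;
    my @parts = File::Spec->splitdir($abs);

    my @blocked;
    for my $i (0 .. $#parts) {
        my $path = File::Spec->catdir(@parts[0 .. $i]);
        my @st = stat($path) or die "stat $path: $!\n";
        my ($mode, $owner, $group) = @st[2, 4, 5];
        # The kernel consults exactly one permission class per lookup.
        my $x_bit = $owner == $uid ? 0100
                  : $gids{$group}  ? 0010
                  :                  0001;
        push @blocked, $path unless $mode & $x_bit;
    }
    return @blocked;
}

# 'nobody' is an assumed account name; pass the real test user instead.
my $user    = shift(@ARGV) // 'nobody';
my @blocked = blocked_ancestors(getcwd(), $user);
if (@blocked) {
    print "not traversable by $user:\n", map { "  $_\n" } @blocked;
} else {
    print "every ancestor of the current directory is traversable by $user\n";
}
```

Run from the unpacked distribution directory, it lists each path component that would stop the unprivileged user, which is the condition that chown or chmod on the test files alone does not fix.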
