From: David Mitchell Date: Sun, 11 Apr 2010 22:45:29 +0000 (+0100) Subject: remove 'enable taint if modify gid/uid' feature X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=commitdiff_plain;h=11035fcf28d4d5fe35c7f6719dbd07b704a8f266;p=p5sagit%2Fp5-mst-13.2.git remove 'enable taint if modify gid/uid' feature If at runtime you modify any of any the id variables $<, $>, $(, $), such that the id and effective id differ, perl used to enable tainting, even if -T wasn't specified at startup. This commit removes that feature. See http://www.xray.mpe.mpg.de/mailing-lists/perl5-porters/2010-03/mail9.html RT #67260 --- diff --git a/mg.c b/mg.c index 39d608b..3fb8ec4 100644 --- a/mg.c +++ b/mg.c @@ -2645,7 +2645,6 @@ Perl_magic_set(pTHX_ SV *sv, MAGIC *mg) #endif #endif PL_uid = PerlProc_getuid(); - PL_tainting |= (PL_uid && (PL_euid != PL_uid || PL_egid != PL_gid)); break; case '>': PL_euid = SvIV(sv); @@ -2672,7 +2671,6 @@ Perl_magic_set(pTHX_ SV *sv, MAGIC *mg) #endif #endif PL_euid = PerlProc_geteuid(); - PL_tainting |= (PL_uid && (PL_euid != PL_uid || PL_egid != PL_gid)); break; case '(': PL_gid = SvIV(sv); @@ -2699,7 +2697,6 @@ Perl_magic_set(pTHX_ SV *sv, MAGIC *mg) #endif #endif PL_gid = PerlProc_getgid(); - PL_tainting |= (PL_uid && (PL_euid != PL_uid || PL_egid != PL_gid)); break; case ')': #ifdef HAS_SETGROUPS @@ -2761,7 +2758,6 @@ Perl_magic_set(pTHX_ SV *sv, MAGIC *mg) #endif #endif PL_egid = PerlProc_getegid(); - PL_tainting |= (PL_uid && (PL_euid != PL_uid || PL_egid != PL_gid)); break; case ':': PL_chopset = SvPV_force(sv,len);