From: Jarkko Hietaniemi <jhi@iki.fi>
Date: Fri, 5 Sep 2003 13:43:36 +0000 (+0000)
Subject: More suidperl path disclosure plugging:
X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=commitdiff_plain;h=2b8ca7391be5ab2bad904071bb0f753bcaac99a3;p=p5sagit%2Fp5-mst-13.2.git

More suidperl path disclosure plugging:
the #9813 didn't do enough.  See either of
http://rt.perl.org/rt2/Ticket/Display.html?id=6511
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=203426

p4raw-id: //depot/perl@21045
---

diff --git a/perl.c b/perl.c
index 297e904..4f41bf1 100644
--- a/perl.c
+++ b/perl.c
@@ -2991,8 +2991,7 @@ S_open_script(pTHX_ char *scriptname, bool dosearch, SV *sv, int *fdscript)
 #       endif
 #       ifdef IAMSUID
             errno = EPERM;
-            Perl_croak(aTHX_ "Can't open perl script: %s\n",
-                       Strerror(errno));
+            Perl_croak(aTHX_ "Permission denied\n");
 #       else
             Perl_croak(aTHX_ "Can't open perl script \"%s\": %s\n",
                        CopFILE(PL_curcop), Strerror(errno));
@@ -3312,7 +3311,7 @@ FIX YOUR KERNEL, PUT A C WRAPPER AROUND THIS SCRIPT, OR USE -u AND UNDUMP!\n");
     else if (fdscript >= 0)
 	Perl_croak(aTHX_ "fd script not allowed in suidperl\n");
     else
-	Perl_croak(aTHX_ "Script is not setuid/setgid in suidperl\n");
+	Perl_croak(aTHX_ "Permission denied\n");
 
     /* We absolutely must clear out any saved ids here, so we */
     /* exec the real perl, substituting fd script for scriptname. */
diff --git a/pod/perldiag.pod b/pod/perldiag.pod
index ad8b8c7..5e60211 100644
--- a/pod/perldiag.pod
+++ b/pod/perldiag.pod
@@ -898,7 +898,7 @@ the command line for writing.
 redirection, and couldn't open the pipe into which to send data destined
 for stdout.
 
-=item Can't open perl script%s: %s
+=item Can't open perl script%s
 
 (F) The script you specified can't be opened for the indicated reason.