From: Rafael Garcia-Suarez Date: Wed, 20 Jul 2005 16:53:16 +0000 (+0000) Subject: Remove :base_io from the set of default "safe" opcodes. X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=commitdiff_plain;h=e866b74b8651a8d5e0458756533f958fc66fd305;p=p5sagit%2Fp5-mst-13.2.git Remove :base_io from the set of default "safe" opcodes. This fixes bug [perl #36213] "Possible flaw in Safe.pm/Opcode.pm that allows access to any file" but introduces a backward compatibility issue. p4raw-id: //depot/perl@25204 --- diff --git a/ext/Opcode/Opcode.pm b/ext/Opcode/Opcode.pm index 9f426cd..179da04 100644 --- a/ext/Opcode/Opcode.pm +++ b/ext/Opcode/Opcode.pm @@ -6,7 +6,7 @@ use strict; our($VERSION, $XS_VERSION, @ISA, @EXPORT_OK); -$VERSION = "1.06"; +$VERSION = "1.07"; $XS_VERSION = "1.03"; use Carp; @@ -374,8 +374,9 @@ used to implement a resource attack (e.g., consume all available CPU time). These ops enable I (rather than filename) based input and output. These are safe on the assumption that only pre-existing -filehandles are available for use. To create new filehandles other ops -such as open would need to be enabled. +filehandles are available for use. Usually, to create new filehandles +other ops such as open would need to be enabled, if you don't take into +account the magical open of ARGV. readline rcatline getc read @@ -441,12 +442,13 @@ These ops are related to multi-threading. A handy tag name for a I default set of ops. (The current ops allowed are unstable while development continues. It will change.) - :base_core :base_mem :base_loop :base_io :base_orig :base_thread + :base_core :base_mem :base_loop :base_orig :base_thread + +This list used to contain :base_io prior to Opcode 1.07. If safety matters to you (and why else would you be using the Opcode module?) then you should not rely on the definition of this, or indeed any other, optag! - =item :filesys_read stat lstat readlink 
diff --git a/ext/Safe/t/safe2.t b/ext/Safe/t/safe2.t index 3ea19ed..d0239d1 100755 --- a/ext/Safe/t/safe2.t +++ b/ext/Safe/t/safe2.t @@ -39,6 +39,8 @@ $cpt = new Safe or die; $cpt = new Safe "Root"; +$cpt->permit(qw(:base_io)); + $cpt->reval(q{ system("echo not ok 1"); }); if ($@ =~ /^'?system'? trapped by operation mask/) { print "ok 1\n";
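Review bot: In the :base_io paragraph of ext/Opcode/Opcode.pm (hunk @@ -374,8 +374,9), the new clause "if you don't take into account the magical open of ARGV" reads as an aside, and the sentence before it still says "These are safe on the assumption that only pre-existing filehandles are available for use." The commit message ties this tag to [perl #36213], access to any file, so the documentation should say so outright. Suggest stating that readline, listed under this tag, can open files through ARGV without the open op being permitted, that :base_io should therefore not be treated as safe for untrusted code, and citing the bug number.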
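Review bot: The added note under :default in ext/Opcode/Opcode.pm (hunk @@ -441,12 +442,13), "This list used to contain :base_io prior to Opcode 1.07.", does not tell users what the commit message calls a backward compatibility issue. Suggest adding that code relying on the :base_io ops (readline, getc, read and the others listed under that tag) is now trapped in a default compartment, why the tag was dropped, and that callers who accept the risk can restore it explicitly, as the updated safe2.t does with `$cpt->permit(qw(:base_io));`. Separately, the hunk removes a blank line just before `=item :filesys_read`; please confirm that a blank line still separates "optag!" from the `=item`, since POD needs one before a command paragraph.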
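Review bot: In ext/Safe/t/safe2.t (hunk @@ -39,6 +39,8), `$cpt->permit(qw(:base_io));` restores the old mask so the existing tests keep passing, but nothing in the patch tests the new default. Suggest adding a case on a fresh `new Safe` compartment without the permit call that runs a :base_io op through reval and checks `$@` against /trapped by operation mask/, in the same style as the existing system test. That would serve as the regression test for [perl #36213] and would catch :base_io being added back to :default.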