On Wed, 21 Feb 2001 [EMAIL PROTECTED] wrote:
> On Wed, Feb 21, 2001 at 07:42:17AM -1000, Tim Jenness wrote:
> > > File::Temp::_gettemp: Parent directory (/tmp/) is not safe (sticky bit not set
>when world writable?) at lib/ftmp-security.t line 100
>
> The reason that warning is leaking through is _gettemp() is very
> noisy, warning alot. tmpfile() does not catch these warnings and
> issue them as part if its die message.
Yes. I was just looking fixing this.
>
> _gettemp() should be rearchitected to have a side-channel for
> reporting the reason for a failure back to its caller rather than just
> warning directly. Then the caller (ie. tempfile()) can incorporate
> the reason into its own error message.
That's one option yes.
>
> For the moment, the test can be shut up by adding a C<local
> $SIG{__WARN__} = sub {}> to the eval block.
>
> There's also a fundemental problem with lib/ftmp-security.t. We have
> no way of knowing if a test failed because File::Temp has failed or
> because the admin has a peculiar way of setting up /tmp! In the
> latter case, File::Temp is working perfectly, but the test will fail.
> This is wrong.
>
> This can be solved by using t/tmp instead of File::Spec->tmpdir.
> t/lib/ftmp-security.t can create t/tmp and chmod it the way it likes,
> then run tempfile() with it as the DIR. At the end, it can delete it.
>
Only partly. We've thought of this before but HIGH security involves
testing all the parent directories not just the one containing the
directory itself. t/tmp will not fix the problem if the parent dir is
"unsafe".
I will change the test so that it prints the skip message and hides the
warnings [Simply unsetting SIG{__WARN__} in ftmp-security.t fixes it but
I'm toyinh with the idea of breaking compatibility with 5.005 and using
'warnings.pm'
--
Tim Jenness
JCMT software engineer/Support scientist
http://www.jach.hawaii.edu/~timj
