Ken Williams wrote: > > On Sunday, April 28, 2002, at 04:48 PM, Stas Bekman wrote: > >> it does solve the problem on linux. Ken, can you test the bleadperl? >> This fix was applied as a solution. If `pwd` doesn't work for you, >> that sucks! Meaning that the problem wasn't fixed in bleadperl :( Can >> you check the recent Cwd thread on p5p (started by me) and try running >> cwd.t under -T? > > > All bleadperl tests pass for me, except 'ext/DB_File/t/db-recno' which I > think is known to fail. > > Both Cwd tests pass, in particular: > > ext/Cwd/t/cwd.......................ok > ext/Cwd/t/taint.....................ok > > But you mention running them with -T - how do I do that?
you add -T, to ext/Cwd/t/cwd.t's shebang line, and run it as PERL_CORE=1 LD_LIBRARY_PATH=/home/stas/perl.org/perl-current ./perl ext/Cwd/t/cwd.t I think my patch untainting the test's code went in http://www.xray.mpe.mpg.de/mailing-lists/perl5-porters/2002-04/msg01274.html >>> If I also do "$ENV{PATH} = '/bin';" after that, the server gets >>> farther before failing (this is with a fully static build - I'm >>> giving up on APACI for now, I get link errors there). Now I get this >>> error in t/logs/error_log: >>> ============ >>> Insecure dependency in eval while running with -T switch. >>> Callback called exit. >>> ============ >>> Doesn't exactly tell me where to start looking for the error, anyone >>> have hints? The above is the entire contents of the log. >> >> >> Doug has started fixing this problem, but didn't finish. See: >> http://marc.theaimsgroup.com/?t=101880934700003&r=1&w=2 > > > Hmm, I'm now seeing different behavior than what I saw before. Using > APACI and your Cwd.pm patch, the server never started, nor did it create > t/logs/error_log. I just tried it now with a simple static build, > though, and it did succeed. All mod_perl tests pass, though there are > lots of warnings during the tests about "Can't exec 'pwd': No such file > or directory". That's to be expected? As you said earlier, my patch, fixed Cwd's _backtick_pwd under the taint mode on linux, but broke on yours. must be reported as a bug to p5p and fixed. 5.8.0 should be out any week now. I'm not sure what the alternative fix for the taint problem there, you cannot know where pwd util resides, so you cannot just say $ENV{PATH}='/bin/', can you? in any case let's move this discussion to p5p. __________________________________________________________________ Stas Bekman JAm_pH ------> Just Another mod_perl Hacker http://stason.org/ mod_perl Guide ---> http://perl.apache.org mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com http://modperlbook.org http://apache.org http://ticketmaster.com
