ports/69970: update port: www/p5-CGI-SpeedyCGI

Yen-Ming Lee leeym at utopia.leeym.com
Wed Aug 4 00:50:21 UTC 2004


>Number:         69970
>Category:       ports
>Synopsis:       update port: www/p5-CGI-SpeedyCGI
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Wed Aug 04 00:50:20 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator:     Yen-Ming Lee
>Release:        FreeBSD 5.2.1-RELEASE-p9 i386
>Organization:
>Environment:
System: FreeBSD utopia.leeym.com 5.2.1-RELEASE-p9 FreeBSD 5.2.1-RELEASE-p9 #167: Tue Jul 27 05:17:58 CST 2004 root at utopia.leeym.com:/usr/obj/usr/src/sys/UTOPIA i386


	
>Description:

Perl 5.8.4 and above add several security check when doing setuid.
One of these checks is that the interpreter must have string "perl" with it.

http://sourceforge.net/mailarchive/forum.php?thread_id=4823748&forum_id=7581

- rename speedy_suid to speedy_suidperl (or speedyperl_suid will be fine, too)
- utilize ECHO
- replace all /usr/local with PREFIX will cause some problems when PREFIX
  isn't /usr/local (missing PERL5 libraries and modules... blah blah...)
- bump PORTREVISION

>How-To-Repeat:

Run a setuid script under perl 5.8.4 or above, says openwebmail.

>Fix:

--- p5-CGI-SpeedyCGI.diff begins here ---
Index: Makefile
===================================================================
RCS file: /home/pcvs/ports/www/p5-CGI-SpeedyCGI/Makefile,v
retrieving revision 1.8
diff -u -r1.8 Makefile
--- Makefile	1 Jun 2004 12:32:32 -0000	1.8
+++ Makefile	4 Aug 2004 00:35:23 -0000
@@ -7,6 +7,7 @@
 
 PORTNAME=	CGI-SpeedyCGI
 PORTVERSION=	2.22
+PORTREVISION=	1
 CATEGORIES=	www perl5
 MASTER_SITES=	${MASTER_SITE_PERL_CPAN}
 MASTER_SITE_SUBDIR=	CGI
@@ -29,7 +30,7 @@
 .else
 PLIST_SUB+=	APACHE=""
 .if exists(${APXS})
-APXS_WORKS!=	${APXS} -q TARGET 2>/dev/null || echo no
+APXS_WORKS!=	${APXS} -q TARGET 2>/dev/null || ${ECHO} no
 .endif
 .if exists(${APXS}) && ${APXS_WORKS} != no
 AP_LIBEXEC!=	${APXS} -q LIBEXECDIR
@@ -41,11 +42,10 @@
 
 post-configure:
 	@${PERL} -pi -e 's,^PREFIX = /usr$$,PREFIX = ${PREFIX},g;' \
-		     -e 's,/usr/local,${PREFIX},g;' \
 		${WRKSRC}/Makefile ${WRKSRC}/*/Makefile
 
 post-install:
-	@${INSTALL_PROGRAM} ${WRKSRC}/speedy/speedy ${PREFIX}/bin/speedy_suid
-	@${CHMOD} 4755 ${PREFIX}/bin/speedy_suid
+	@${INSTALL_PROGRAM} ${WRKSRC}/speedy/speedy ${PREFIX}/bin/speedy_suidperl
+	@${CHMOD} 4755 ${PREFIX}/bin/speedy_suidperl
 
 .include <bsd.port.post.mk>
Index: pkg-plist
===================================================================
RCS file: /home/pcvs/ports/www/p5-CGI-SpeedyCGI/pkg-plist,v
retrieving revision 1.4
diff -u -r1.4 pkg-plist
--- pkg-plist	25 Dec 2003 12:51:45 -0000	1.4
+++ pkg-plist	4 Aug 2004 00:35:23 -0000
@@ -3,7 +3,7 @@
 %%SITE_PERL%%/CGI/SpeedyCGI.pm
 bin/speedy
 bin/speedy_backend
-bin/speedy_suid
+bin/speedy_suidperl
 @dirrm %%SITE_PERL%%/%%PERL_ARCH%%/auto/CGI/SpeedyCGI
 @unexec rmdir %D/%%SITE_PERL%%/%%PERL_ARCH%%/auto/CGI 2>/dev/null || true
 @unexec rmdir %D/%%SITE_PERL%%/CGI 2>/dev/null || true
--- p5-CGI-SpeedyCGI.diff ends here ---


>Release-Note:
>Audit-Trail:
>Unformatted:



More information about the freebsd-ports-bugs mailing list