ports/69970: update port: www/p5-CGI-SpeedyCGI
Yen-Ming Lee
leeym at utopia.leeym.com
Wed Aug 4 00:50:21 UTC 2004
>Number: 69970
>Category: ports
>Synopsis: update port: www/p5-CGI-SpeedyCGI
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Wed Aug 04 00:50:20 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator: Yen-Ming Lee
>Release: FreeBSD 5.2.1-RELEASE-p9 i386
>Organization:
>Environment:
System: FreeBSD utopia.leeym.com 5.2.1-RELEASE-p9 FreeBSD 5.2.1-RELEASE-p9 #167: Tue Jul 27 05:17:58 CST 2004 root at utopia.leeym.com:/usr/obj/usr/src/sys/UTOPIA i386
>Description:
Perl 5.8.4 and above add several security check when doing setuid.
One of these checks is that the interpreter must have string "perl" with it.
http://sourceforge.net/mailarchive/forum.php?thread_id=4823748&forum_id=7581
- rename speedy_suid to speedy_suidperl (or speedyperl_suid will be fine, too)
- utilize ECHO
- replace all /usr/local with PREFIX will cause some problems when PREFIX
isn't /usr/local (missing PERL5 libraries and modules... blah blah...)
- bump PORTREVISION
>How-To-Repeat:
Run a setuid script under perl 5.8.4 or above, says openwebmail.
>Fix:
--- p5-CGI-SpeedyCGI.diff begins here ---
Index: Makefile
===================================================================
RCS file: /home/pcvs/ports/www/p5-CGI-SpeedyCGI/Makefile,v
retrieving revision 1.8
diff -u -r1.8 Makefile
--- Makefile 1 Jun 2004 12:32:32 -0000 1.8
+++ Makefile 4 Aug 2004 00:35:23 -0000
@@ -7,6 +7,7 @@
PORTNAME= CGI-SpeedyCGI
PORTVERSION= 2.22
+PORTREVISION= 1
CATEGORIES= www perl5
MASTER_SITES= ${MASTER_SITE_PERL_CPAN}
MASTER_SITE_SUBDIR= CGI
@@ -29,7 +30,7 @@
.else
PLIST_SUB+= APACHE=""
.if exists(${APXS})
-APXS_WORKS!= ${APXS} -q TARGET 2>/dev/null || echo no
+APXS_WORKS!= ${APXS} -q TARGET 2>/dev/null || ${ECHO} no
.endif
.if exists(${APXS}) && ${APXS_WORKS} != no
AP_LIBEXEC!= ${APXS} -q LIBEXECDIR
@@ -41,11 +42,10 @@
post-configure:
@${PERL} -pi -e 's,^PREFIX = /usr$$,PREFIX = ${PREFIX},g;' \
- -e 's,/usr/local,${PREFIX},g;' \
${WRKSRC}/Makefile ${WRKSRC}/*/Makefile
post-install:
- @${INSTALL_PROGRAM} ${WRKSRC}/speedy/speedy ${PREFIX}/bin/speedy_suid
- @${CHMOD} 4755 ${PREFIX}/bin/speedy_suid
+ @${INSTALL_PROGRAM} ${WRKSRC}/speedy/speedy ${PREFIX}/bin/speedy_suidperl
+ @${CHMOD} 4755 ${PREFIX}/bin/speedy_suidperl
.include <bsd.port.post.mk>
Index: pkg-plist
===================================================================
RCS file: /home/pcvs/ports/www/p5-CGI-SpeedyCGI/pkg-plist,v
retrieving revision 1.4
diff -u -r1.4 pkg-plist
--- pkg-plist 25 Dec 2003 12:51:45 -0000 1.4
+++ pkg-plist 4 Aug 2004 00:35:23 -0000
@@ -3,7 +3,7 @@
%%SITE_PERL%%/CGI/SpeedyCGI.pm
bin/speedy
bin/speedy_backend
-bin/speedy_suid
+bin/speedy_suidperl
@dirrm %%SITE_PERL%%/%%PERL_ARCH%%/auto/CGI/SpeedyCGI
@unexec rmdir %D/%%SITE_PERL%%/%%PERL_ARCH%%/auto/CGI 2>/dev/null || true
@unexec rmdir %D/%%SITE_PERL%%/CGI 2>/dev/null || true
--- p5-CGI-SpeedyCGI.diff ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list