diff options
author | Ævar Arnfjörð Bjarmason <avar@cpan.org> | 2012-02-12 18:56:35 +0000 |
---|---|---|
committer | Ævar Arnfjörð Bjarmason <avar@cpan.org> | 2012-02-14 10:11:18 +0000 |
commit | 6b770020176e0e22267cd41c0d2ea634f1e2fe17 (patch) | |
tree | 8349b989d49d43c958c25963dc85689ba38feda2 | |
parent | 310f9c6e1d10c69ebae8d0356b22e58f451fdc76 (diff) | |
download | perl-avar/remove-get-uid-caching.tar.gz |
Remove gete?[ug]id cachingavar/remove-get-uid-caching
Currently we cache the UID/GID and effective UID/GID similarly to how
we used to cache getpid() before v5.14.0-251-g0e21945. Remove this
magical behavior in favor of always calling getpid(), getgid()
etc. This resolves RT #96208.
A minimal testcase for this is the following by Leon Timmermans
attached to RT #96208:
eval { require 'syscall.ph'; 1 } or eval { require 'sys/syscall.ph'; 1 } or die $@;
if (syscall(&SYS_setuid, $ARGV[0] + 0 || 1000) >= 0 or die "$!") {
printf "\$< = %d, getuid = %d\n", $<, syscall(&SYS_getuid);
}
I.e. if we call the sete?[ug]id() functions unbeknownst to perl the
$<, $>, $( and $) variables won't be updated. This results in the same
sort of issues we had with $$ before v5.14.0-251-g0e21945, and
getppid() before my "Further eliminate POSIX-emulation under
LinuxThreads" patch.
I'm completely eliminating the PL_egid, PL_euid, PL_gid and PL_uid
variables as part of this patch, this will break some CPAN modules,
but it'll be really easy before the v5.16.0 final to reinstate
them. I'd like to remove them to see what breaks, and how easy it is
to fix it.
The new PL_delaymagic_(egid|euid|gid|uid) variables I'm adding are
only intended to be used internally in the interpreter to facilitate
the delaymagic in sassign. There's probably some way not to export
these to programs that embed perl, but I haven't found out how to do
that.
I don't *think* this has any bugs, but I haven't extensively tested
it, and it seems there's no extensive tests for these variables in our
test suite, this needs to be fixed before this patch goes into blead.
-rw-r--r-- | doio.c | 9 | ||||
-rw-r--r-- | embed.fnc | 2 | ||||
-rw-r--r-- | embed.h | 2 | ||||
-rw-r--r-- | embedvar.h | 8 | ||||
-rw-r--r-- | ext/POSIX/POSIX.xs | 14 | ||||
-rw-r--r-- | intrpvar.h | 8 | ||||
-rw-r--r-- | mg.c | 81 | ||||
-rw-r--r-- | perl.c | 41 | ||||
-rw-r--r-- | perlio.c | 4 | ||||
-rw-r--r-- | pp_hot.c | 48 | ||||
-rw-r--r-- | pp_sys.c | 6 | ||||
-rw-r--r-- | proto.h | 2 | ||||
-rw-r--r-- | sv.c | 8 | ||||
-rw-r--r-- | taint.c | 12 |
14 files changed, 124 insertions, 121 deletions
@@ -1768,10 +1768,11 @@ nothing in the core. case OP_UNLINK: APPLY_TAINT_PROPER(); tot = sp - mark; + const UV euid = PerlProc_geteuid(); while (++mark <= sp) { s = SvPV_nolen_const(*mark); APPLY_TAINT_PROPER(); - if (PL_euid || PL_unsafe) { + if (euid || PL_unsafe) { if (UNLINK(s)) tot--; } @@ -1909,7 +1910,7 @@ Perl_cando(pTHX_ Mode_t mode, bool effective, register const Stat_t *statbufp) # ifdef __CYGWIN__ if (ingroup(544,effective)) { /* member of Administrators */ # else - if ((effective ? PL_euid : PL_uid) == 0) { /* root is special */ + if ((effective ? PerlProc_geteuid() : PerlProc_getuid()) == 0) { /* root is special */ # endif if (mode == S_IXUSR) { if (statbufp->st_mode & 0111 || S_ISDIR(statbufp->st_mode)) @@ -1919,7 +1920,7 @@ Perl_cando(pTHX_ Mode_t mode, bool effective, register const Stat_t *statbufp) return TRUE; /* root reads and writes anything */ return FALSE; } - if (statbufp->st_uid == (effective ? PL_euid : PL_uid) ) { + if (statbufp->st_uid == (effective ? PerlProc_geteuid() : PerlProc_getuid()) ) { if (statbufp->st_mode & mode) return TRUE; /* ok as "user" */ } @@ -1938,7 +1939,7 @@ static bool S_ingroup(pTHX_ Gid_t testgid, bool effective) { dVAR; - if (testgid == (effective ? PL_egid : PL_gid)) + if (testgid == (effective ? PerlProc_getegid() : PerlProc_getgid())) return TRUE; #ifdef HAS_GETGROUPS { @@ -1776,7 +1776,7 @@ s |SV* |mayberelocate |NN const char *const dir|STRLEN len \ |U32 flags s |void |incpush_use_sep|NN const char *p|STRLEN len|U32 flags s |void |init_interp -s |void |init_ids +s |void |init_ids_tainting s |void |init_main_stash s |void |init_perllib s |void |init_postdump_symbols|int argc|NN char **argv|NULLOK char **env @@ -1426,7 +1426,7 @@ #define forbid_setid(a,b) S_forbid_setid(aTHX_ a,b) #define incpush(a,b,c) S_incpush(aTHX_ a,b,c) #define incpush_use_sep(a,b,c) S_incpush_use_sep(aTHX_ a,b,c) -#define init_ids() S_init_ids(aTHX) +#define init_ids_tainting() S_init_ids_tainting(aTHX) #define init_interp() S_init_interp(aTHX) #define init_main_stash() S_init_main_stash(aTHX) #define init_perllib() S_init_perllib(aTHX) diff --git a/embedvar.h b/embedvar.h index d56a53df41..f34af1a021 100644 --- a/embedvar.h +++ b/embedvar.h @@ -149,6 +149,10 @@ #define PL_defoutgv (vTHX->Idefoutgv) #define PL_defstash (vTHX->Idefstash) #define PL_delaymagic (vTHX->Idelaymagic) +#define PL_delaymagic_egid (vTHX->Idelaymagic_egid) +#define PL_delaymagic_euid (vTHX->Idelaymagic_euid) +#define PL_delaymagic_gid (vTHX->Idelaymagic_gid) +#define PL_delaymagic_uid (vTHX->Idelaymagic_uid) #define PL_destroyhook (vTHX->Idestroyhook) #define PL_diehook (vTHX->Idiehook) #define PL_doswitches (vTHX->Idoswitches) @@ -158,13 +162,11 @@ #define PL_e_script (vTHX->Ie_script) #define PL_efloatbuf (vTHX->Iefloatbuf) #define PL_efloatsize (vTHX->Iefloatsize) -#define PL_egid (vTHX->Iegid) #define PL_encoding (vTHX->Iencoding) #define PL_endav (vTHX->Iendav) #define PL_envgv (vTHX->Ienvgv) #define PL_errgv (vTHX->Ierrgv) #define PL_errors (vTHX->Ierrors) -#define PL_euid (vTHX->Ieuid) #define PL_eval_root (vTHX->Ieval_root) #define PL_eval_start (vTHX->Ieval_start) #define PL_evalseq (vTHX->Ievalseq) @@ -179,7 +181,6 @@ #define PL_formtarget (vTHX->Iformtarget) #define PL_generation (vTHX->Igeneration) #define PL_gensym (vTHX->Igensym) -#define PL_gid (vTHX->Igid) #define PL_glob_index (vTHX->Iglob_index) #define PL_globalstash (vTHX->Iglobalstash) #define PL_globhook (vTHX->Iglobhook) @@ -350,7 +351,6 @@ #define PL_tmps_stack (vTHX->Itmps_stack) #define PL_top_env (vTHX->Itop_env) #define PL_toptarget (vTHX->Itoptarget) -#define PL_uid (vTHX->Iuid) #define PL_unicode (vTHX->Iunicode) #define PL_unitcheckav (vTHX->Iunitcheckav) #define PL_unitcheckav_save (vTHX->Iunitcheckav_save) diff --git a/ext/POSIX/POSIX.xs b/ext/POSIX/POSIX.xs index 34e712ed56..d9abfd647f 100644 --- a/ext/POSIX/POSIX.xs +++ b/ext/POSIX/POSIX.xs @@ -2060,24 +2060,10 @@ sleep(seconds) SysRet setgid(gid) Gid_t gid - CLEANUP: -#ifndef WIN32 - if (RETVAL >= 0) { - PL_gid = getgid(); - PL_egid = getegid(); - } -#endif SysRet setuid(uid) Uid_t uid - CLEANUP: -#ifndef WIN32 - if (RETVAL >= 0) { - PL_uid = getuid(); - PL_euid = geteuid(); - } -#endif SysRetLong sysconf(name) diff --git a/intrpvar.h b/intrpvar.h index fc4d64c7df..3122207ce4 100644 --- a/intrpvar.h +++ b/intrpvar.h @@ -464,10 +464,10 @@ PERLVARI(I, in_clean_all, bool, FALSE) /* ptrs to freed SVs now legal */ PERLVAR(I, nomemok, bool) /* let malloc context handle nomem */ PERLVARI(I, savebegin, bool, FALSE) /* save BEGINs for compiler */ -PERLVAR(I, uid, Uid_t) /* current real user id */ -PERLVAR(I, euid, Uid_t) /* current effective user id */ -PERLVAR(I, gid, Gid_t) /* current real group id */ -PERLVAR(I, egid, Gid_t) /* current effective group id */ +PERLVAR(I, delaymagic_uid, Uid_t) /* current real user id, only for delaymagic */ +PERLVAR(I, delaymagic_euid, Uid_t) /* current effective user id, only for delaymagic */ +PERLVAR(I, delaymagic_gid, Gid_t) /* current real group id, only for delaymagic */ +PERLVAR(I, delaymagic_egid, Gid_t) /* current effective group id, only for delaymagic */ PERLVARI(I, an, U32, 0) /* malloc sequence number */ #ifdef DEBUGGING @@ -1109,16 +1109,16 @@ Perl_magic_get(pTHX_ SV *sv, MAGIC *mg) SvNOK_on(sv); /* what a wonderful hack! */ break; case '<': - sv_setiv(sv, (IV)PL_uid); + sv_setiv(sv, (IV)PerlProc_getuid()); break; case '>': - sv_setiv(sv, (IV)PL_euid); + sv_setiv(sv, (IV)PerlProc_geteuid()); break; case '(': - sv_setiv(sv, (IV)PL_gid); + sv_setiv(sv, (IV)PerlProc_getgid()); goto add_groups; case ')': - sv_setiv(sv, (IV)PL_egid); + sv_setiv(sv, (IV)PerlProc_getegid()); add_groups: #ifdef HAS_GETGROUPS { @@ -2795,89 +2795,94 @@ Perl_magic_set(pTHX_ SV *sv, MAGIC *mg) } break; case '<': - PL_uid = SvIV(sv); + { + const IV new_uid = SvIV(sv); + PL_delaymagic_uid = new_uid; if (PL_delaymagic) { PL_delaymagic |= DM_RUID; break; /* don't do magic till later */ } #ifdef HAS_SETRUID - (void)setruid((Uid_t)PL_uid); + (void)setruid((Uid_t)new_uid); #else #ifdef HAS_SETREUID - (void)setreuid((Uid_t)PL_uid, (Uid_t)-1); + (void)setreuid((Uid_t)new_uid, (Uid_t)-1); #else #ifdef HAS_SETRESUID - (void)setresuid((Uid_t)PL_uid, (Uid_t)-1, (Uid_t)-1); + (void)setresuid((Uid_t)new_uid, (Uid_t)-1, (Uid_t)-1); #else - if (PL_uid == PL_euid) { /* special case $< = $> */ + if (new_uid == PerlProc_geteuid()) { /* special case $< = $> */ #ifdef PERL_DARWIN /* workaround for Darwin's setuid peculiarity, cf [perl #24122] */ - if (PL_uid != 0 && PerlProc_getuid() == 0) + if (new_uid != 0 && PerlProc_getuid() == 0) (void)PerlProc_setuid(0); #endif - (void)PerlProc_setuid(PL_uid); + (void)PerlProc_setuid(new_uid); } else { - PL_uid = PerlProc_getuid(); Perl_croak(aTHX_ "setruid() not implemented"); } #endif #endif #endif - PL_uid = PerlProc_getuid(); break; + } case '>': - PL_euid = SvIV(sv); + { + const UV new_euid = SvIV(sv); + PL_delaymagic_euid = new_euid; if (PL_delaymagic) { PL_delaymagic |= DM_EUID; break; /* don't do magic till later */ } #ifdef HAS_SETEUID - (void)seteuid((Uid_t)PL_euid); + (void)seteuid((Uid_t)new_euid); #else #ifdef HAS_SETREUID - (void)setreuid((Uid_t)-1, (Uid_t)PL_euid); + (void)setreuid((Uid_t)-1, (Uid_t)new_euid); #else #ifdef HAS_SETRESUID - (void)setresuid((Uid_t)-1, (Uid_t)PL_euid, (Uid_t)-1); + (void)setresuid((Uid_t)-1, (Uid_t)new_euid, (Uid_t)-1); #else - if (PL_euid == PL_uid) /* special case $> = $< */ - PerlProc_setuid(PL_euid); + if (new_euid == PerlProc_getuid()) /* special case $> = $< */ + PerlProc_setuid(my_euid); else { - PL_euid = PerlProc_geteuid(); Perl_croak(aTHX_ "seteuid() not implemented"); } #endif #endif #endif - PL_euid = PerlProc_geteuid(); break; + } case '(': - PL_gid = SvIV(sv); + { + const UV new_gid = SvIV(sv); + PL_delaymagic_gid = new_gid; if (PL_delaymagic) { PL_delaymagic |= DM_RGID; break; /* don't do magic till later */ } #ifdef HAS_SETRGID - (void)setrgid((Gid_t)PL_gid); + (void)setrgid((Gid_t)new_gid); #else #ifdef HAS_SETREGID - (void)setregid((Gid_t)PL_gid, (Gid_t)-1); + (void)setregid((Gid_t)new_gid, (Gid_t)-1); #else #ifdef HAS_SETRESGID - (void)setresgid((Gid_t)PL_gid, (Gid_t)-1, (Gid_t) -1); + (void)setresgid((Gid_t)new_gid, (Gid_t)-1, (Gid_t) -1); #else - if (PL_gid == PL_egid) /* special case $( = $) */ - (void)PerlProc_setgid(PL_gid); + if (new_gid == PerlProc_getegid()) /* special case $( = $) */ + (void)PerlProc_setgid(new_gid); else { - PL_gid = PerlProc_getgid(); Perl_croak(aTHX_ "setrgid() not implemented"); } #endif #endif #endif - PL_gid = PerlProc_getgid(); break; + } case ')': + { + UV new_egid; #ifdef HAS_SETGROUPS { const char *p = SvPV_const(sv, len); @@ -2893,7 +2898,7 @@ Perl_magic_set(pTHX_ SV *sv, MAGIC *mg) while (isSPACE(*p)) ++p; - PL_egid = Atol(p); + new_egid = Atol(p); for (i = 0; i < maxgrp; ++i) { while (*p && !isSPACE(*p)) ++p; @@ -2912,32 +2917,32 @@ Perl_magic_set(pTHX_ SV *sv, MAGIC *mg) Safefree(gary); } #else /* HAS_SETGROUPS */ - PL_egid = SvIV(sv); + new_egid = SvIV(sv); #endif /* HAS_SETGROUPS */ + PL_delaymagic_egid = new_egid; if (PL_delaymagic) { PL_delaymagic |= DM_EGID; break; /* don't do magic till later */ } #ifdef HAS_SETEGID - (void)setegid((Gid_t)PL_egid); + (void)setegid((Gid_t)new_egid); #else #ifdef HAS_SETREGID - (void)setregid((Gid_t)-1, (Gid_t)PL_egid); + (void)setregid((Gid_t)-1, (Gid_t)new_egid); #else #ifdef HAS_SETRESGID - (void)setresgid((Gid_t)-1, (Gid_t)PL_egid, (Gid_t)-1); + (void)setresgid((Gid_t)-1, (Gid_t)new_egid, (Gid_t)-1); #else - if (PL_egid == PL_gid) /* special case $) = $( */ - (void)PerlProc_setgid(PL_egid); + if (new_egid == PerlProc_getgid()) /* special case $) = $( */ + (void)PerlProc_setgid(new_egid); else { - PL_egid = PerlProc_getegid(); Perl_croak(aTHX_ "setegid() not implemented"); } #endif #endif #endif - PL_egid = PerlProc_getegid(); break; + } case ':': PL_chopset = SvPV_force(sv,len); break; @@ -280,7 +280,7 @@ perl_construct(pTHXx) init_stacks(); - init_ids(); + init_ids_tainting(); JMPENV_BOOTSTRAP; STATUS_ALL_SUCCESS; @@ -1608,7 +1608,7 @@ perl_parse(pTHXx_ XSINIT_t xsinit, int argc, char **argv, char **env) PL_origfilename = savepv(argv[0]); PL_do_undump = FALSE; cxstack_ix = -1; /* start label stack again */ - init_ids(); + init_ids_tainting(); assert (!PL_tainted); TAINT; S_set_caret_X(aTHX); @@ -3754,13 +3754,18 @@ S_validate_suid(pTHX_ PerlIO *rsfp) { PERL_ARGS_ASSERT_VALIDATE_SUID; - if (PL_euid != PL_uid || PL_egid != PL_gid) { /* (suidperl doesn't exist, in fact) */ + const UV my_uid = PerlProc_getuid(); + const UV my_euid = PerlProc_geteuid(); + const UV my_gid = PerlProc_getgid(); + const UV my_egid = PerlProc_getegid(); + + if (my_euid != my_uid || my_egid != my_gid) { /* (suidperl doesn't exist, in fact) */ dVAR; PerlLIO_fstat(PerlIO_fileno(rsfp),&PL_statbuf); /* may be either wrapped or real suid */ - if ((PL_euid != PL_uid && PL_euid == PL_statbuf.st_uid && PL_statbuf.st_mode & S_ISUID) + if ((my_euid != my_uid && my_euid == PL_statbuf.st_uid && PL_statbuf.st_mode & S_ISUID) || - (PL_egid != PL_gid && PL_egid == PL_statbuf.st_gid && PL_statbuf.st_mode & S_ISGID) + (my_egid != my_gid && my_egid == PL_statbuf.st_gid && PL_statbuf.st_mode & S_ISGID) ) if (!PL_do_undump) Perl_croak(aTHX_ "YOU HAVEN'T DISABLED SET-ID SCRIPTS IN THE KERNEL YET!\n\ @@ -3801,20 +3806,17 @@ S_find_beginning(pTHX_ SV* linestr_sv, PerlIO *rsfp) STATIC void -S_init_ids(pTHX) +S_init_ids_tainting(pTHX) { dVAR; - PL_uid = PerlProc_getuid(); - PL_euid = PerlProc_geteuid(); - PL_gid = PerlProc_getgid(); - PL_egid = PerlProc_getegid(); -#ifdef VMS - PL_uid |= PL_gid << 16; - PL_euid |= PL_egid << 16; -#endif + const UV my_uid = PerlProc_getuid(); + const UV my_euid = PerlProc_geteuid(); + const UV my_gid = PerlProc_getgid(); + const UV my_egid = PerlProc_getegid(); + /* Should not happen: */ - CHECK_MALLOC_TAINT(PL_uid && (PL_euid != PL_uid || PL_egid != PL_gid)); - PL_tainting |= (PL_uid && (PL_euid != PL_uid || PL_egid != PL_gid)); + CHECK_MALLOC_TAINT(my_uid && (my_euid != my_uid || my_egid != my_gid)); + PL_tainting |= (my_uid && (my_euid != my_uid || my_egid != my_gid)); /* BUG */ /* PSz 27 Feb 04 * Should go by suidscript, not uid!=euid: why disallow @@ -3880,9 +3882,9 @@ S_forbid_setid(pTHX_ const char flag, const bool suidscript) /* g */ } #ifdef SETUID_SCRIPTS_ARE_SECURE_NOW - if (PL_euid != PL_uid) + if (PerlProc_getuid() != PerlProc_geteuid()) Perl_croak(aTHX_ "No %s allowed while running setuid", message); - if (PL_egid != PL_gid) + if (PerlProc_getgid() != PerlProc_getegid()) Perl_croak(aTHX_ "No %s allowed while running setgid", message); #endif /* SETUID_SCRIPTS_ARE_SECURE_NOW */ if (suidscript) @@ -4569,7 +4571,8 @@ S_mayberelocate(pTHX_ const char *const dir, STRLEN len, U32 flags) /* And this is the new libdir. */ libdir = tempsv; if (PL_tainting && - (PL_uid != PL_euid || PL_gid != PL_egid)) { + (PerlProc_getuid() != PerlProc_geteuid() || + PerlProc_getgid() != PerlProc_getegid())) { /* Need to taint relocated paths if running set ID */ SvTAINTED_on(libdir); } @@ -458,7 +458,9 @@ PerlIO_debug(const char *fmt, ...) dSYS; va_start(ap, fmt); if (!PL_perlio_debug_fd) { - if (!PL_tainting && PL_uid == PL_euid && PL_gid == PL_egid) { + if (!PL_tainting && + PerlProc_getuid() == PerlProc_geteuid() && + PerlProc_getgid() == PerlProc_getegid()) { const char * const s = PerlEnv_getenv("PERLIO_DEBUG"); if (s && *s) PL_perlio_debug_fd @@ -1091,71 +1091,77 @@ PP(pp_aassign) } } if (PL_delaymagic & ~DM_DELAY) { + /* Will be used to set PL_tainting below */ + UV tmp_uid = PerlProc_getuid(); + UV tmp_euid = PerlProc_geteuid(); + UV tmp_gid = PerlProc_getgid(); + UV tmp_egid = PerlProc_getegid(); + if (PL_delaymagic & DM_UID) { #ifdef HAS_SETRESUID - (void)setresuid((PL_delaymagic & DM_RUID) ? PL_uid : (Uid_t)-1, - (PL_delaymagic & DM_EUID) ? PL_euid : (Uid_t)-1, + (void)setresuid((PL_delaymagic & DM_RUID) ? PL_delaymagic_uid : (Uid_t)-1, + (PL_delaymagic & DM_EUID) ? PL_delaymagic_euid : (Uid_t)-1, (Uid_t)-1); #else # ifdef HAS_SETREUID - (void)setreuid((PL_delaymagic & DM_RUID) ? PL_uid : (Uid_t)-1, - (PL_delaymagic & DM_EUID) ? PL_euid : (Uid_t)-1); + (void)setreuid((PL_delaymagic & DM_RUID) ? PL_delaymagic_uid : (Uid_t)-1, + (PL_delaymagic & DM_EUID) ? PL_delaymagic_euid : (Uid_t)-1); # else # ifdef HAS_SETRUID if ((PL_delaymagic & DM_UID) == DM_RUID) { - (void)setruid(PL_uid); + (void)setruid(PL_delaymagic_uid); PL_delaymagic &= ~DM_RUID; } # endif /* HAS_SETRUID */ # ifdef HAS_SETEUID if ((PL_delaymagic & DM_UID) == DM_EUID) { - (void)seteuid(PL_euid); + (void)seteuid(PL_delaymagic_euid); PL_delaymagic &= ~DM_EUID; } # endif /* HAS_SETEUID */ if (PL_delaymagic & DM_UID) { - if (PL_uid != PL_euid) + if (PL_delaymagic_uid != PL_delaymagic_euid) DIE(aTHX_ "No setreuid available"); - (void)PerlProc_setuid(PL_uid); + (void)PerlProc_setuid(PL_delaymagic_uid); } # endif /* HAS_SETREUID */ #endif /* HAS_SETRESUID */ - PL_uid = PerlProc_getuid(); - PL_euid = PerlProc_geteuid(); + tmp_uid = PerlProc_getuid(); + tmp_euid = PerlProc_geteuid(); } if (PL_delaymagic & DM_GID) { #ifdef HAS_SETRESGID - (void)setresgid((PL_delaymagic & DM_RGID) ? PL_gid : (Gid_t)-1, - (PL_delaymagic & DM_EGID) ? PL_egid : (Gid_t)-1, + (void)setresgid((PL_delaymagic & DM_RGID) ? PL_delaymagic_gid : (Gid_t)-1, + (PL_delaymagic & DM_EGID) ? PL_delaymagic_egid : (Gid_t)-1, (Gid_t)-1); #else # ifdef HAS_SETREGID - (void)setregid((PL_delaymagic & DM_RGID) ? PL_gid : (Gid_t)-1, - (PL_delaymagic & DM_EGID) ? PL_egid : (Gid_t)-1); + (void)setregid((PL_delaymagic & DM_RGID) ? PL_delaymagic_gid : (Gid_t)-1, + (PL_delaymagic & DM_EGID) ? PL_delaymagic_egid : (Gid_t)-1); # else # ifdef HAS_SETRGID if ((PL_delaymagic & DM_GID) == DM_RGID) { - (void)setrgid(PL_gid); + (void)setrgid(PL_delaymagic_gid); PL_delaymagic &= ~DM_RGID; } # endif /* HAS_SETRGID */ # ifdef HAS_SETEGID if ((PL_delaymagic & DM_GID) == DM_EGID) { - (void)setegid(PL_egid); + (void)setegid(PL_delaymagic_egid); PL_delaymagic &= ~DM_EGID; } # endif /* HAS_SETEGID */ if (PL_delaymagic & DM_GID) { - if (PL_gid != PL_egid) + if (PL_delaymagic_gid != PL_delaymagic_egid) DIE(aTHX_ "No setregid available"); - (void)PerlProc_setgid(PL_gid); + (void)PerlProc_setgid(PL_delaymagic_gid); } # endif /* HAS_SETREGID */ #endif /* HAS_SETRESGID */ - PL_gid = PerlProc_getgid(); - PL_egid = PerlProc_getegid(); + tmp_gid = PerlProc_getgid(); + tmp_egid = PerlProc_getegid(); } - PL_tainting |= (PL_uid && (PL_euid != PL_uid || PL_egid != PL_gid)); + PL_tainting |= (tmp_uid && (tmp_euid != tmp_uid || tmp_egid != tmp_gid)); } PL_delaymagic = 0; @@ -3197,11 +3197,11 @@ PP(pp_ftrowned) FT_RETURNUNDEF; switch (PL_op->op_type) { case OP_FTROWNED: - if (PL_statcache.st_uid == PL_uid) + if (PL_statcache.st_uid == PerlProc_getuid()) FT_RETURNYES; break; case OP_FTEOWNED: - if (PL_statcache.st_uid == PL_euid) + if (PL_statcache.st_uid == PerlProc_geteuid()) FT_RETURNYES; break; case OP_FTZERO: @@ -3585,7 +3585,7 @@ PP(pp_rename) if (same_dirent(tmps2, tmps)) /* can always rename to same name */ anum = 1; else { - if (PL_euid || PerlLIO_stat(tmps2, &PL_statbuf) < 0 || !S_ISDIR(PL_statbuf.st_mode)) + if (PerlProc_geteuid() || PerlLIO_stat(tmps2, &PL_statbuf) < 0 || !S_ISDIR(PL_statbuf.st_mode)) (void)UNLINK(tmps2); if (!(anum = link(tmps, tmps2))) anum = UNLINK(tmps); @@ -5903,7 +5903,7 @@ STATIC void S_incpush_use_sep(pTHX_ const char *p, STRLEN len, U32 flags) #define PERL_ARGS_ASSERT_INCPUSH_USE_SEP \ assert(p) -STATIC void S_init_ids(pTHX); +STATIC void S_init_ids_tainting(pTHX); STATIC void S_init_interp(pTHX); STATIC void S_init_main_stash(pTHX); STATIC void S_init_perllib(pTHX); @@ -13014,10 +13014,10 @@ perl_clone_using(PerlInterpreter *proto_perl, UV flags, PL_in_clean_objs = proto_perl->Iin_clean_objs; PL_in_clean_all = proto_perl->Iin_clean_all; - PL_uid = proto_perl->Iuid; - PL_euid = proto_perl->Ieuid; - PL_gid = proto_perl->Igid; - PL_egid = proto_perl->Iegid; + PL_delaymagic_uid = proto_perl->Idelaymagic_uid; + PL_delaymagic_euid = proto_perl->Idelaymagic_euid; + PL_delaymagic_gid = proto_perl->Idelaymagic_gid; + PL_delaymagic_egid = proto_perl->Idelaymagic_egid; PL_nomemok = proto_perl->Inomemok; PL_an = proto_perl->Ian; PL_evalseq = proto_perl->Ievalseq; @@ -33,8 +33,8 @@ Perl_taint_proper(pTHX_ const char *f, const char *const s) # if Uid_t_size == 1 { - const UV uid = PL_uid; - const UV euid = PL_euid; + const UV uid = PerlProc_getuid(); + const UV euid = PerlProc_geteuid(); DEBUG_u(PerlIO_printf(Perl_debug_log, "%s %d %"UVuf" %"UVuf"\n", @@ -42,8 +42,8 @@ Perl_taint_proper(pTHX_ const char *f, const char *const s) } # else { - const IV uid = PL_uid; - const IV euid = PL_euid; + const IV uid = PerlProc_getuid(); + const IV euid = PerlProc_geteuid(); DEBUG_u(PerlIO_printf(Perl_debug_log, "%s %d %"IVdf" %"IVdf"\n", @@ -57,9 +57,9 @@ Perl_taint_proper(pTHX_ const char *f, const char *const s) if (!f) f = PL_no_security; - if (PL_euid != PL_uid) + if (PerlProc_getuid() != PerlProc_geteuid()) ug = " while running setuid"; - else if (PL_egid != PL_gid) + else if (PerlProc_getgid() != PerlProc_getegid()) ug = " while running setgid"; else if (PL_taint_warn) ug = " while running with -t switch"; |