summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSolar Designer <solar@openwall.com>2004-01-26 04:22:18 +0300
committerDave Mitchell <davem@fdisolutions.com>2004-02-01 17:40:02 +0000
commit2359510ddb135dcc6e80153f51cff0a97b20b597 (patch)
treeb074c5df813a1e3e529f0330620b456ecc4988e6
parenta95a5f75a0e72874474834cd9e274afa0f23b6d8 (diff)
downloadperl-2359510ddb135dcc6e80153f51cff0a97b20b597.tar.gz
Re: [perl #15063] /tmp issues
Message-ID: <20040125222218.GA13499@openwall.com> Remove insecure usage of /tmp from code and documentation p4raw-id: //depot/perl@22258
-rw-r--r--ext/DB_File/DB_File.pm8
-rwxr-xr-xext/DB_File/t/db-recno.t2
-rw-r--r--ext/Devel/PPPort/PPPort.pm8
-rw-r--r--ext/IO/t/io_unix.t4
-rw-r--r--ext/ODBM_File/ODBM_File.xs2
-rw-r--r--ext/POSIX/POSIX.pod10
-rw-r--r--ext/Socket/Socket.pm4
-rw-r--r--ext/Storable/Storable.pm6
-rw-r--r--ext/Time/HiRes/Makefile.PL10
-rw-r--r--lib/CGI/Cookie.pm2
-rw-r--r--lib/ExtUtils/MakeMaker.pm8
-rw-r--r--lib/ExtUtils/instmodsh1
-rwxr-xr-xlib/Memoize/t/tie.t9
-rwxr-xr-xlib/Memoize/t/tie_gdbm.t8
-rw-r--r--lib/Memoize/t/tie_ndbm.t9
-rw-r--r--lib/Memoize/t/tie_sdbm.t9
-rw-r--r--lib/Memoize/t/tie_storable.t9
-rw-r--r--lib/Shell.pm2
-rw-r--r--lib/dotsh.pl12
-rw-r--r--lib/perl5db.pl4
-rwxr-xr-xmpeix/nm6
-rwxr-xr-xmpeix/relink2
-rwxr-xr-xperly.fixer2
-rw-r--r--pod/perl571delta.pod8
-rw-r--r--pod/perl58delta.pod8
-rw-r--r--pod/perldbmfilter.pod4
-rw-r--r--pod/perldebug.pod2
-rw-r--r--pod/perlfaq5.pod7
-rw-r--r--pod/perlfaq8.pod10
-rw-r--r--pod/perlfunc.pod2
-rw-r--r--pod/perlipc.pod4
-rw-r--r--pod/perllexwarn.pod4
-rw-r--r--pod/perlobj.pod18
-rw-r--r--pod/perlop.pod6
-rw-r--r--pod/perlopentut.pod8
-rw-r--r--utils/c2ph.PL24
36 files changed, 103 insertions, 139 deletions
diff --git a/ext/DB_File/DB_File.pm b/ext/DB_File/DB_File.pm
index 77ba6ccf14..a3cd082df6 100644
--- a/ext/DB_File/DB_File.pm
+++ b/ext/DB_File/DB_File.pm
@@ -1821,7 +1821,7 @@ fix very easily.
use DB_File ;
my %hash ;
- my $filename = "/tmp/filt" ;
+ my $filename = "filt" ;
unlink $filename ;
my $db = tie %hash, 'DB_File', $filename, O_CREAT|O_RDWR, 0666, $DB_HASH
@@ -1863,7 +1863,7 @@ Here is a DBM Filter that does it:
use strict ;
use DB_File ;
my %hash ;
- my $filename = "/tmp/filt" ;
+ my $filename = "filt" ;
unlink $filename ;
@@ -1894,8 +1894,8 @@ peril!
The locking technique went like this.
- $db = tie(%db, 'DB_File', '/tmp/foo.db', O_CREAT|O_RDWR, 0666)
- || die "dbcreat /tmp/foo.db $!";
+ $db = tie(%db, 'DB_File', 'foo.db', O_CREAT|O_RDWR, 0644)
+ || die "dbcreat foo.db $!";
$fd = $db->fd;
open(DB_FH, "+<&=$fd") || die "dup $!";
flock (DB_FH, LOCK_EX) || die "flock: $!";
diff --git a/ext/DB_File/t/db-recno.t b/ext/DB_File/t/db-recno.t
index a2e78a1ea8..4ab0aebe4a 100755
--- a/ext/DB_File/t/db-recno.t
+++ b/ext/DB_File/t/db-recno.t
@@ -1198,7 +1198,7 @@ my @tests = ([ [ 'falsely', 'dinosaur', 'remedy', 'commotion',
my $testnum = 181;
my $failed = 0;
-require POSIX; my $tmp = POSIX::tmpnam();
+my $tmp = "dbr$$";
foreach my $test (@tests) {
my $err = test_splice(@$test);
if (defined $err) {
diff --git a/ext/Devel/PPPort/PPPort.pm b/ext/Devel/PPPort/PPPort.pm
index 45a34b667b..e97311bd71 100644
--- a/ext/Devel/PPPort/PPPort.pm
+++ b/ext/Devel/PPPort/PPPort.pm
@@ -349,13 +349,13 @@ foreach $filename (map(glob($_),@ARGV)) {
}
if ($changes) {
- open(OUT,">/tmp/ppport.h.$$");
+ open(OUT,"ppport.h.$$");
print OUT $c;
close(OUT);
- open(DIFF, "diff -u $filename /tmp/ppport.h.$$|");
- while (<DIFF>) { s!/tmp/ppport\.h\.$$!$filename.patched!; print STDOUT; }
+ open(DIFF, "diff -u $filename ppport.h.$$|");
+ while (<DIFF>) { s!ppport\.h\.$$!$filename.patched!; print STDOUT; }
close(DIFF);
- unlink("/tmp/ppport.h.$$");
+ unlink("ppport.h.$$");
} else {
print "Looks OK\n";
}
diff --git a/ext/IO/t/io_unix.t b/ext/IO/t/io_unix.t
index 60520d1e41..e0a742f99d 100644
--- a/ext/IO/t/io_unix.t
+++ b/ext/IO/t/io_unix.t
@@ -24,7 +24,7 @@ BEGIN {
elsif ($^O eq 'os2') {
require IO::Socket;
- eval {IO::Socket::pack_sockaddr_un('/tmp/foo') || 1}
+ eval {IO::Socket::pack_sockaddr_un('/foo/bar') || 1}
or $@ !~ /not implemented/ or
$reason = 'compiled without TCP/IP stack v4';
} elsif ($^O =~ m/^(?:qnx|nto|vos)$/ ) {
@@ -37,7 +37,7 @@ BEGIN {
}
}
-$PATH = "/tmp/sock-$$";
+$PATH = "sock-$$";
# Test if we can create the file within the tmp directory
if (-e $PATH or not open(TEST, ">$PATH") and $^O ne 'os2') {
diff --git a/ext/ODBM_File/ODBM_File.xs b/ext/ODBM_File/ODBM_File.xs
index fb3b5740ec..95dedfff9d 100644
--- a/ext/ODBM_File/ODBM_File.xs
+++ b/ext/ODBM_File/ODBM_File.xs
@@ -32,7 +32,7 @@ datum nextkey(datum key);
* Set DBM_BUG_DUPLICATE_FREE in the extension hint file.
*/
/* Close the previous dbm, and fail to open a new dbm */
-#define dbmclose() ((void) dbminit("/tmp/x/y/z/z/y"))
+#define dbmclose() ((void) dbminit("/non/exist/ent"))
#endif
#include <fcntl.h>
diff --git a/ext/POSIX/POSIX.pod b/ext/POSIX/POSIX.pod
index 598464d3fc..03a5aa3a5d 100644
--- a/ext/POSIX/POSIX.pod
+++ b/ext/POSIX/POSIX.pod
@@ -417,9 +417,9 @@ Retrieves the value of a configurable limit on a file or directory. This
uses file descriptors such as those obtained by calling C<POSIX::open>.
The following will determine the maximum length of the longest allowable
-pathname on the filesystem which holds C</tmp/foo>.
+pathname on the filesystem which holds C</var/foo>.
- $fd = POSIX::open( "/tmp/foo", &POSIX::O_RDONLY );
+ $fd = POSIX::open( "/var/foo", &POSIX::O_RDONLY );
$path_max = POSIX::fpathconf( $fd, &POSIX::_PC_PATH_MAX );
Returns C<undef> on failure.
@@ -919,7 +919,7 @@ See also L<perlfunc/sysopen>.
Open a directory for reading.
- $dir = POSIX::opendir( "/tmp" );
+ $dir = POSIX::opendir( "/var" );
@files = POSIX::readdir( $dir );
POSIX::closedir( $dir );
@@ -930,9 +930,9 @@ Returns C<undef> on failure.
Retrieves the value of a configurable limit on a file or directory.
The following will determine the maximum length of the longest allowable
-pathname on the filesystem which holds C</tmp>.
+pathname on the filesystem which holds C</var>.
- $path_max = POSIX::pathconf( "/tmp", &POSIX::_PC_PATH_MAX );
+ $path_max = POSIX::pathconf( "/var", &POSIX::_PC_PATH_MAX );
Returns C<undef> on failure.
diff --git a/ext/Socket/Socket.pm b/ext/Socket/Socket.pm
index 0a41670aeb..07ec8ec63f 100644
--- a/ext/Socket/Socket.pm
+++ b/ext/Socket/Socket.pm
@@ -32,8 +32,8 @@ Socket, sockaddr_in, sockaddr_un, inet_aton, inet_ntoa - load the C socket.h def
$proto = getprotobyname('tcp');
socket(Socket_Handle, PF_UNIX, SOCK_STREAM, $proto);
- unlink('/tmp/usock');
- $sun = sockaddr_un('/tmp/usock');
+ unlink('/var/run/usock');
+ $sun = sockaddr_un('/var/run/usock');
connect(Socket_Handle,$sun);
=head1 DESCRIPTION
diff --git a/ext/Storable/Storable.pm b/ext/Storable/Storable.pm
index 19f8834a26..8ec8e1e58b 100644
--- a/ext/Storable/Storable.pm
+++ b/ext/Storable/Storable.pm
@@ -791,10 +791,10 @@ Here are some code samples showing a possible usage of Storable:
%color = ('Blue' => 0.1, 'Red' => 0.8, 'Black' => 0, 'White' => 1);
- store(\%color, '/tmp/colors') or die "Can't store %a in /tmp/colors!\n";
+ store(\%color, 'mycolors') or die "Can't store %a in mycolors!\n";
- $colref = retrieve('/tmp/colors');
- die "Unable to retrieve from /tmp/colors!\n" unless defined $colref;
+ $colref = retrieve('mycolors');
+ die "Unable to retrieve from mycolors!\n" unless defined $colref;
printf "Blue is still %lf\n", $colref->{'Blue'};
$colref2 = dclone(\%color);
diff --git a/ext/Time/HiRes/Makefile.PL b/ext/Time/HiRes/Makefile.PL
index fc6a155224..75dff900f3 100644
--- a/ext/Time/HiRes/Makefile.PL
+++ b/ext/Time/HiRes/Makefile.PL
@@ -71,19 +71,11 @@ my $nop3 = *File::Spec::catfile;
# without changing it, and then I'd always forget to change it before a
# release. Sorry, Edward :)
-sub TMPDIR {
- my $TMPDIR =
- (grep(defined $_ && -d $_ && -w _,
- ((defined $ENV{'TMPDIR'} ? $ENV{'TMPDIR'} : undef),
- qw(/var/tmp /usr/tmp /tmp c:/temp))))[0];
- $TMPDIR || die "Cannot find writable temporary directory.\n";
-}
-
sub try_compile_and_link {
my ($c, %args) = @_;
my ($ok) = 0;
- my ($tmp) = (($^O eq 'VMS') ? "sys\$scratch:tmp$$" : TMPDIR() . '/' . "tmp$$");
+ my ($tmp) = "tmp$$";
local(*TMPC);
my $obj_ext = $Config{obj_ext} || ".o";
diff --git a/lib/CGI/Cookie.pm b/lib/CGI/Cookie.pm
index 27a93c55b0..33de5cc255 100644
--- a/lib/CGI/Cookie.pm
+++ b/lib/CGI/Cookie.pm
@@ -407,7 +407,7 @@ same semantics as fetch(), but performs no unescaping.
You may also retrieve cookies that were stored in some external
form using the parse() class method:
- $COOKIES = `cat /usr/tmp/Cookie_stash`;
+ $COOKIES = `cat /some/path/Cookie_stash`;
%cookies = parse CGI::Cookie($COOKIES);
If you are in a mod_perl environment, you can save some overhead by
diff --git a/lib/ExtUtils/MakeMaker.pm b/lib/ExtUtils/MakeMaker.pm
index 10ef38e0af..c723715893 100644
--- a/lib/ExtUtils/MakeMaker.pm
+++ b/lib/ExtUtils/MakeMaker.pm
@@ -1018,7 +1018,7 @@ The generated Makefile enables the user of the extension to invoke
The Makefile to be produced may be altered by adding arguments of the
form C<KEY=VALUE>. E.g.
- perl Makefile.PL PREFIX=/tmp/myperl5
+ perl Makefile.PL PREFIX=~/myperl5
Other interesting targets in the generated Makefile are
@@ -1369,13 +1369,13 @@ Something like C<"-DHAVE_UNISTD_H">
This is the root directory into which the code will be installed. It
I<prepends itself to the normal prefix>. For example, if your code
-would normally go into /usr/local/lib/perl you could set DESTDIR=/tmp/
-and installation would go into /tmp/usr/local/lib/perl.
+would normally go into /usr/local/lib/perl you could set DESTDIR=/other/
+and installation would go into /other/usr/local/lib/perl.
This is primarily of use for people who repackage Perl modules.
NOTE: Due to the nature of make, it is important that you put the trailing
-slash on your DESTDIR. "/tmp/" not "/tmp".
+slash on your DESTDIR. "/other/" not "/other".
=item DIR
diff --git a/lib/ExtUtils/instmodsh b/lib/ExtUtils/instmodsh
index 90d36c2312..0eab08f867 100644
--- a/lib/ExtUtils/instmodsh
+++ b/lib/ExtUtils/instmodsh
@@ -105,7 +105,6 @@ sub create_archive {
my($reply, $module) = @_;
my $file = (split(' ', $reply))[1];
- my $tmp = "/tmp/inst.$$";
if( !(defined $file and length $file) ) {
print "No tar file specified\n";
diff --git a/lib/Memoize/t/tie.t b/lib/Memoize/t/tie.t
index e058674761..02c20d6fc7 100755
--- a/lib/Memoize/t/tie.t
+++ b/lib/Memoize/t/tie.t
@@ -29,14 +29,7 @@ sub n {
$_[0]+1;
}
-if (eval {require File::Spec::Functions}) {
- File::Spec::Functions->import('tmpdir', 'catfile');
- $tmpdir = tmpdir();
-} else {
- *catfile = sub { join '/', @_ };
- $tmpdir = $ENV{TMP} || $ENV{TMPDIR} || '/tmp';
-}
-$file = catfile($tmpdir, "md$$");
+$file = "md$$";
@files = ($file, "$file.db", "$file.dir", "$file.pag");
1 while unlink @files;
diff --git a/lib/Memoize/t/tie_gdbm.t b/lib/Memoize/t/tie_gdbm.t
index e9f20a071e..002ab9de00 100755
--- a/lib/Memoize/t/tie_gdbm.t
+++ b/lib/Memoize/t/tie_gdbm.t
@@ -26,13 +26,7 @@ if ($@) {
print "1..4\n";
-if (eval {require File::Spec::Functions}) {
- File::Spec::Functions->import();
-} else {
- *catfile = sub { join '/', @_ };
-}
-$tmpdir = $ENV{TMP} || $ENV{TMPDIR} || '/tmp';
-$file = catfile($tmpdir, "md$$");
+$file = "md$$";
1 while unlink $file, "$file.dir", "$file.pag";
tryout('GDBM_File', $file, 1); # Test 1..4
1 while unlink $file, "$file.dir", "$file.pag";
diff --git a/lib/Memoize/t/tie_ndbm.t b/lib/Memoize/t/tie_ndbm.t
index 0551446940..e22f06f4f2 100644
--- a/lib/Memoize/t/tie_ndbm.t
+++ b/lib/Memoize/t/tie_ndbm.t
@@ -28,14 +28,7 @@ if ($@) {
print "1..4\n";
-
-if (eval {require File::Spec::Functions}) {
- File::Spec::Functions->import();
-} else {
- *catfile = sub { join '/', @_ };
-}
-$tmpdir = $ENV{TMP} || $ENV{TMPDIR} || '/tmp';
-$file = catfile($tmpdir, "md$$");
+$file = "md$$";
1 while unlink $file, "$file.dir", "$file.pag";
tryout('Memoize::NDBM_File', $file, 1); # Test 1..4
1 while unlink $file, "$file.dir", "$file.pag";
diff --git a/lib/Memoize/t/tie_sdbm.t b/lib/Memoize/t/tie_sdbm.t
index 48895355c6..588efd9561 100644
--- a/lib/Memoize/t/tie_sdbm.t
+++ b/lib/Memoize/t/tie_sdbm.t
@@ -28,14 +28,7 @@ if ($@) {
print "1..4\n";
-if (eval {require File::Spec::Functions}) {
- File::Spec::Functions->import('tmpdir', 'catfile');
- $tmpdir = tmpdir();
-} else {
- *catfile = sub { join '/', @_ };
- $tmpdir = $ENV{TMP} || $ENV{TMPDIR} || '/tmp';
-}
-$file = catfile($tmpdir, "md$$");
+$file = "md$$";
1 while unlink $file, "$file.dir", "$file.pag";
if ( $^O eq 'VMS' ) {
1 while unlink "$file.sdbm_dir";
diff --git a/lib/Memoize/t/tie_storable.t b/lib/Memoize/t/tie_storable.t
index 042175552b..de3b8dc26b 100644
--- a/lib/Memoize/t/tie_storable.t
+++ b/lib/Memoize/t/tie_storable.t
@@ -33,14 +33,7 @@ if ($@) {
print "1..4\n";
-
-if (eval {require File::Spec::Functions}) {
- File::Spec::Functions->import();
-} else {
- *catfile = sub { join '/', @_ };
-}
-$tmpdir = $ENV{TMP} || $ENV{TMPDIR} || '/tmp';
-$file = catfile($tmpdir, "storable$$");
+$file = "storable$$";
1 while unlink $file;
tryout('Memoize::Storable', $file, 1); # Test 1..4
1 while unlink $file;
diff --git a/lib/Shell.pm b/lib/Shell.pm
index 7618cc1e41..df2ae0a6fc 100644
--- a/lib/Shell.pm
+++ b/lib/Shell.pm
@@ -144,7 +144,7 @@ Here's one that'll whack your mind a little out.
sub ps;
print ps -ww;
- cp("/etc/passwd", "/tmp/passwd");
+ cp("/etc/passwd", "/etc/passwd.orig");
That's maybe too gonzo. It actually exports an AUTOLOAD to the current
package (and uncovered a bug in Beta 3, by the way). Maybe the usual
diff --git a/lib/dotsh.pl b/lib/dotsh.pl
index 5be2413ae6..810ebc4d60 100644
--- a/lib/dotsh.pl
+++ b/lib/dotsh.pl
@@ -27,9 +27,9 @@
# dependent upon. These variables MUST be defined using shell syntax.
#
# Example:
-# &dotsh ('/tmp/foo', 'arg1');
-# &dotsh ('/tmp/foo');
-# &dotsh ('/tmp/foo arg1 ... argN');
+# &dotsh ('/foo/bar', 'arg1');
+# &dotsh ('/foo/bar');
+# &dotsh ('/foo/bar arg1 ... argN');
#
sub dotsh {
local(@sh) = @_;
@@ -54,19 +54,17 @@ sub dotsh {
}
}
if (length($vars) > 0) {
- system "$shell \"$vars;. $command $args; set > /tmp/_sh_env$$\"";
+ open (_SH_ENV, "$shell \"$vars && . $command $args && set \" |") || die;
} else {
- system "$shell \". $command $args; set > /tmp/_sh_env$$\"";
+ open (_SH_ENV, "$shell \". $command $args && set \" |") || die;
}
- open (_SH_ENV, "/tmp/_sh_env$$") || die "Could not open /tmp/_sh_env$$!\n";
while (<_SH_ENV>) {
chop;
m/^([^=]*)=(.*)/s;
$ENV{$1} = $2;
}
close (_SH_ENV);
- system "rm -f /tmp/_sh_env$$";
foreach $key (keys(%ENV)) {
$tmp .= "\$$key = \$ENV{'$key'};" if $key =~ /^[A-Za-z]\w*$/;
diff --git a/lib/perl5db.pl b/lib/perl5db.pl
index c2610e35e9..911671c348 100644
--- a/lib/perl5db.pl
+++ b/lib/perl5db.pl
@@ -95,7 +95,7 @@ sub eval {
# TTY - the TTY to use for debugging i/o.
#
# noTTY - if set, goes in NonStop mode. On interrupt if TTY is not set
-# uses the value of noTTY or "/tmp/perldbtty$$" to find TTY using
+# uses the value of noTTY or ".perldbtty$$" to find TTY using
# Term::Rendezvous. Current variant is to have the name of TTY in this
# file.
#
@@ -2227,7 +2227,7 @@ sub setterm {
select($sel);
} else {
eval "require Term::Rendezvous;" or die;
- my $rv = $ENV{PERLDB_NOTTY} || "/tmp/perldbtty$$";
+ my $rv = $ENV{PERLDB_NOTTY} || ".perldbtty$$";
my $term_rv = new Term::Rendezvous $rv;
$IN = $term_rv->IN;
$OUT = $term_rv->OUT;
diff --git a/mpeix/nm b/mpeix/nm
index e2a5d27c25..64e58be4d8 100755
--- a/mpeix/nm
+++ b/mpeix/nm
@@ -22,12 +22,12 @@ esac
# I wanted to pipe this into awk, but it fell victim to a known pipe/streams
# bug on my multiprocessor machine.
-callci xeq linkedit.pub.sys \"$LIST\" >/tmp/nm.$$
+callci xeq linkedit.pub.sys \"$LIST\" >nm.$$
/bin/awk '\
/ data univ / { printf "%-20s|%10s|%-6s|%-7s|%s\n",$1,$5,"extern","data","?"} \
- / entry univ / { printf "%-20s|%10s|%-6s|%-7s|%s\n",$1,$7,"extern","entry","?"}' /tmp/nm.$$
+ / entry univ / { printf "%-20s|%10s|%-6s|%-7s|%s\n",$1,$7,"extern","entry","?"}' nm.$$
-rm -f /tmp/nm.$$
+rm -f nm.$$
exit 0
diff --git a/mpeix/relink b/mpeix/relink
index 0ba9aebada..ec37142194 100755
--- a/mpeix/relink
+++ b/mpeix/relink
@@ -14,7 +14,7 @@ RAND=/$HPACCOUNT/$HPGROUP/libcrand
echo "Creating $RAND.sl...\n"
-TEMP=/tmp/perlmpe.$$
+TEMP=perlmpe.$$
rm -f $TEMP $RAND.a $RAND.sl
diff --git a/perly.fixer b/perly.fixer
index b627a8c2bd..fec981f208 100755
--- a/perly.fixer
+++ b/perly.fixer
@@ -23,7 +23,7 @@ gnupatch=patch
input=$1
output=$2
-tmp=/tmp/f$$
+tmp=perly$$
inputh=`echo $input|sed 's:\.c$:.h:'`
if grep '^#ifdef PERL_CORE' $inputh; then
diff --git a/pod/perl571delta.pod b/pod/perl571delta.pod
index 431c35928b..aff02e5add 100644
--- a/pod/perl571delta.pod
+++ b/pod/perl571delta.pod
@@ -771,17 +771,17 @@ SOCKS support is now much more robust.
If your file system supports symbolic links you can build Perl outside
of the source directory by
- mkdir /tmp/perl/build/directory
- cd /tmp/perl/build/directory
+ mkdir perl/build/directory
+ cd perl/build/directory
sh /path/to/perl/source/Configure -Dmksymlinks ...
-This will create in /tmp/perl/build/directory a tree of symbolic links
+This will create in perl/build/directory a tree of symbolic links
pointing to files in /path/to/perl/source. The original files are left
unaffected. After Configure has finished you can just say
make all test
-and Perl will be built and tested, all in /tmp/perl/build/directory.
+and Perl will be built and tested, all in perl/build/directory.
=back
diff --git a/pod/perl58delta.pod b/pod/perl58delta.pod
index b37157f9a0..9d955ef8a4 100644
--- a/pod/perl58delta.pod
+++ b/pod/perl58delta.pod
@@ -1905,17 +1905,17 @@ for site-wide changes).
If your file system supports symbolic links, you can build Perl outside
of the source directory by
- mkdir /tmp/perl/build/directory
- cd /tmp/perl/build/directory
+ mkdir perl/build/directory
+ cd perl/build/directory
sh /path/to/perl/source/Configure -Dmksymlinks ...
-This will create in /tmp/perl/build/directory a tree of symbolic links
+This will create in perl/build/directory a tree of symbolic links
pointing to files in /path/to/perl/source. The original files are left
unaffected. After Configure has finished, you can just say
make all test
-and Perl will be built and tested, all in /tmp/perl/build/directory.
+and Perl will be built and tested, all in perl/build/directory.
[561]
=item *
diff --git a/pod/perldbmfilter.pod b/pod/perldbmfilter.pod
index 8384999e6a..d62e496f9f 100644
--- a/pod/perldbmfilter.pod
+++ b/pod/perldbmfilter.pod
@@ -91,7 +91,7 @@ fix very easily.
use Fcntl ;
my %hash ;
- my $filename = "/tmp/filt" ;
+ my $filename = "filt" ;
unlink $filename ;
my $db = tie(%hash, 'SDBM_File', $filename, O_RDWR|O_CREAT, 0640)
@@ -137,7 +137,7 @@ Here is a DBM Filter that does it:
use warnings ;
use DB_File ;
my %hash ;
- my $filename = "/tmp/filt" ;
+ my $filename = "filt" ;
unlink $filename ;
diff --git a/pod/perldebug.pod b/pod/perldebug.pod
index ee9fa97d1c..e44eaafdcb 100644
--- a/pod/perldebug.pod
+++ b/pod/perldebug.pod
@@ -700,7 +700,7 @@ This module should implement a method named C<new> that returns an object
with two methods: C<IN> and C<OUT>. These should return filehandles to use
for debugging input and output correspondingly. The C<new> method should
inspect an argument containing the value of C<$ENV{PERLDB_NOTTY}> at
-startup, or C<"/tmp/perldbtty$$"> otherwise. This file is not
+startup, or C<".perldbtty$$"> otherwise. This file is not
inspected for proper ownership, so security hazards are theoretically
possible.
diff --git a/pod/perlfaq5.pod b/pod/perlfaq5.pod
index be10390120..49a348a81c 100644
--- a/pod/perlfaq5.pod
+++ b/pod/perlfaq5.pod
@@ -141,6 +141,7 @@ temporary files in one process, use a counter:
my $count = 0;
until (defined(fileno(FH)) || $count++ > 100) {
$base_name =~ s/-(\d+)$/"-" . (1 + $1)/e;
+ # O_EXCL is required for security reasons.
sysopen(FH, $base_name, O_WRONLY|O_EXCL|O_CREAT);
}
if (defined(fileno(FH))
@@ -427,8 +428,8 @@ To open file for update, file must not exist:
To open a file without blocking, creating if necessary:
- sysopen(FH, "/tmp/somefile", O_WRONLY|O_NDELAY|O_CREAT)
- or die "can't open /tmp/somefile: $!":
+ sysopen(FH, "/foo/somefile", O_WRONLY|O_NDELAY|O_CREAT)
+ or die "can't open /foo/somefile: $!":
Be warned that neither creation nor deletion of files is guaranteed to
be an atomic operation over NFS. That is, two processes might both
@@ -924,7 +925,7 @@ There's also a File::Tail module from CPAN.
If you check L<perlfunc/open>, you'll see that several of the ways
to call open() should do the trick. For example:
- open(LOG, ">>/tmp/logfile");
+ open(LOG, ">>/foo/logfile");
open(STDERR, ">&LOG");
Or even with a literal numeric descriptor:
diff --git a/pod/perlfaq8.pod b/pod/perlfaq8.pod
index 2fceab143f..e2cc1faa90 100644
--- a/pod/perlfaq8.pod
+++ b/pod/perlfaq8.pod
@@ -749,10 +749,10 @@ but leave its STDOUT to come out our old STDERR:
while (<PH>) { } # plus a read
To read both a command's STDOUT and its STDERR separately, it's easiest
-and safest to redirect them separately to files, and then read from those
-files when the program is done:
+to redirect them separately to files, and then read from those files
+when the program is done:
- system("program args 1>/tmp/program.stdout 2>/tmp/program.stderr");
+ system("program args 1>program.stdout 2>program.stderr");
Ordering is important in all these examples. That's because the shell
processes file descriptor redirections in strictly left to right order.
@@ -1063,8 +1063,8 @@ O_NDELAY or O_NONBLOCK flag from the Fcntl module in conjunction with
sysopen():
use Fcntl;
- sysopen(FH, "/tmp/somefile", O_WRONLY|O_NDELAY|O_CREAT, 0644)
- or die "can't open /tmp/somefile: $!":
+ sysopen(FH, "/foo/somefile", O_WRONLY|O_NDELAY|O_CREAT, 0644)
+ or die "can't open /foo/somefile: $!":
=head2 How do I install a module from CPAN?
diff --git a/pod/perlfunc.pod b/pod/perlfunc.pod
index 3bd43393bb..a7bbacc9fc 100644
--- a/pod/perlfunc.pod
+++ b/pod/perlfunc.pod
@@ -2929,7 +2929,7 @@ Examples:
open(ARTICLE, "caesar <$article |") # ditto
or die "Can't start caesar: $!";
- open(EXTRACT, "|sort >/tmp/Tmp$$") # $$ is our process id
+ open(EXTRACT, "|sort >Tmp$$") # $$ is our process id
or die "Can't start sort: $!";
# in memory files
diff --git a/pod/perlipc.pod b/pod/perlipc.pod
index 5f8af22550..c25eb878dc 100644
--- a/pod/perlipc.pod
+++ b/pod/perlipc.pod
@@ -1030,7 +1030,7 @@ Here's a sample Unix-domain client:
use strict;
my ($rendezvous, $line);
- $rendezvous = shift || '/tmp/catsock';
+ $rendezvous = shift || 'catsock';
socket(SOCK, PF_UNIX, SOCK_STREAM, 0) || die "socket: $!";
connect(SOCK, sockaddr_un($rendezvous)) || die "connect: $!";
while (defined($line = <SOCK>)) {
@@ -1051,7 +1051,7 @@ to be on the localhost, and thus everything works right.
sub spawn; # forward declaration
sub logmsg { print "$0 $$: @_ at ", scalar localtime, "\n" }
- my $NAME = '/tmp/catsock';
+ my $NAME = 'catsock';
my $uaddr = sockaddr_un($NAME);
my $proto = getprotobyname('tcp');
diff --git a/pod/perllexwarn.pod b/pod/perllexwarn.pod
index 9b614271bb..12ce1f6c82 100644
--- a/pod/perllexwarn.pod
+++ b/pod/perllexwarn.pod
@@ -383,9 +383,9 @@ Consider the module C<MyMod::Abc> below.
sub open {
my $path = shift ;
if ($path !~ m#^/#) {
- warnings::warn("changing relative path to /tmp/")
+ warnings::warn("changing relative path to /var/abc")
if warnings::enabled();
- $path = "/tmp/$path" ;
+ $path = "/var/abc/$path";
}
}
diff --git a/pod/perlobj.pod b/pod/perlobj.pod
index 156a0b8506..7d7beaf477 100644
--- a/pod/perlobj.pod
+++ b/pod/perlobj.pod
@@ -535,15 +535,15 @@ two-phased garbage collection:
warn "time to die...";
exit;
-When run as F</tmp/test>, the following output is produced:
-
- starting program at /tmp/test line 18.
- CREATING SCALAR(0x8e5b8) at /tmp/test line 7.
- CREATING SCALAR(0x8e57c) at /tmp/test line 7.
- leaving block at /tmp/test line 23.
- DESTROYING Subtle=SCALAR(0x8e5b8) at /tmp/test line 13.
- just exited block at /tmp/test line 26.
- time to die... at /tmp/test line 27.
+When run as F</foo/test>, the following output is produced:
+
+ starting program at /foo/test line 18.
+ CREATING SCALAR(0x8e5b8) at /foo/test line 7.
+ CREATING SCALAR(0x8e57c) at /foo/test line 7.
+ leaving block at /foo/test line 23.
+ DESTROYING Subtle=SCALAR(0x8e5b8) at /foo/test line 13.
+ just exited block at /foo/test line 26.
+ time to die... at /foo/test line 27.
DESTROYING Subtle=SCALAR(0x8e57c) during global destruction.
Notice that "global destruction" bit there? That's the thread
diff --git a/pod/perlop.pod b/pod/perlop.pod
index 96bb05273a..86cb294fe3 100644
--- a/pod/perlop.pod
+++ b/pod/perlop.pod
@@ -1185,10 +1185,10 @@ but leave its STDOUT to come out the old STDERR:
$output = `cmd 3>&1 1>&2 2>&3 3>&-`;
To read both a command's STDOUT and its STDERR separately, it's easiest
-and safest to redirect them separately to files, and then read from those
-files when the program is done:
+to redirect them separately to files, and then read from those files
+when the program is done:
- system("program args 1>/tmp/program.stdout 2>/tmp/program.stderr");
+ system("program args 1>program.stdout 2>program.stderr");
Using single-quote as a delimiter protects the command from Perl's
double-quote interpolation, passing it on to the shell instead:
diff --git a/pod/perlopentut.pod b/pod/perlopentut.pod
index 5389c1f722..0b60096f24 100644
--- a/pod/perlopentut.pod
+++ b/pod/perlopentut.pod
@@ -192,11 +192,11 @@ whether it only works on existing files or always clobbers existing ones.
open(WTMP, "+< /usr/adm/wtmp")
|| die "can't open /usr/adm/wtmp: $!";
- open(SCREEN, "+> /tmp/lkscreen")
- || die "can't open /tmp/lkscreen: $!";
+ open(SCREEN, "+> lkscreen")
+ || die "can't open lkscreen: $!";
- open(LOGFILE, "+>> /tmp/applog"
- || die "can't open /tmp/applog: $!";
+ open(LOGFILE, "+>> /var/log/applog"
+ || die "can't open /var/log/applog: $!";
The first one won't create a new file, and the second one will always
clobber an old one. The third one will create a new file if necessary
diff --git a/utils/c2ph.PL b/utils/c2ph.PL
index 91ecc04552..9cb89376cf 100644
--- a/utils/c2ph.PL
+++ b/utils/c2ph.PL
@@ -280,6 +280,7 @@ Anyway, here it is. Should run on perl v4 or greater. Maybe less.
$RCSID = '$Id: c2ph,v 1.7 95/10/28 10:41:47 tchrist Exp Locker: tchrist $';
+use File::Temp;
######################################################################
@@ -480,6 +481,13 @@ sub defvar {
printf "%-16s%-15s %s\n", $var, eval "\$$var", $msg;
}
+sub safedir {
+ $SAFEDIR = File::Temp::tempdir("c2ph.XXXXXX", TMPDIR => 1, CLEANUP => 1)
+ unless (defined($SAFEDIR));
+}
+
+undef $SAFEDIR;
+
$recurse = 1;
if (@ARGV) {
@@ -495,15 +503,15 @@ if (@ARGV) {
}
elsif (@ARGV == 1 && $ARGV[0] =~ /\.c$/) {
local($dir, $file) = $ARGV[0] =~ m#(.*/)?(.*)$#;
- $chdir = "cd $dir; " if $dir;
+ $chdir = "cd $dir && " if $dir;
&system("$chdir$CC $CFLAGS $DEFINES $file") && exit 1;
$ARGV[0] =~ s/\.c$/.s/;
}
else {
- $TMPDIR = tempdir(CLEANUP => 1);
- $TMP = "$TMPDIR/c2ph.$$.c";
+ &safedir;
+ $TMP = "$SAFEDIR/c2ph.$$.c";
&system("cat @ARGV > $TMP") && exit 1;
- &system("cd $TMPDIR; $CC $CFLAGS $DEFINES $TMP") && exit 1;
+ &system("cd $SAFEDIR && $CC $CFLAGS $DEFINES $TMP") && exit 1;
unlink $TMP;
$TMP =~ s/\.c$/.s/;
@ARGV = ($TMP);
@@ -1274,8 +1282,8 @@ sub fetch_template {
}
sub compute_intrinsics {
- $TMPDIR ||= tempdir(CLEANUP => 1);
- local($TMP) = "$TMPDIR/c2ph-i.$$.c";
+ &safedir;
+ local($TMP) = "$SAFEDIR/c2ph-i.$$.c";
open (TMP, ">$TMP") || die "can't open $TMP: $!";
select(TMP);
@@ -1303,7 +1311,7 @@ EOF
close TMP;
select(STDOUT);
- open(PIPE, "cd $TMPDIR && $CC $TMP && $TMPDIR/a.out|");
+ open(PIPE, "cd $SAFEDIR && $CC $TMP && $SAFEDIR/a.out|");
while (<PIPE>) {
chop;
split(' ',$_,2);;
@@ -1312,7 +1320,7 @@ EOF
$intrinsics{$_[1]} = $template{$_[0]};
}
close(PIPE) || die "couldn't read intrinsics!";
- unlink($TMP, '$TMPDIR/a.out');
+ unlink($TMP, '$SAFEDIR/a.out');
print STDERR "done\n" if $trace;
}