Problem with copying files in a Safe compartment

[p5pRT]

Migrated from rt.perl.org#57552 (status was 'open')

Searchable as RT57552$

[p5pRT]

From tggbiz@ntlworld.com

Created by tggbiz@ntlworld.com

Copying files does not work in a Safe compartment\, despite an empty deny only list.

In order to reproduce the results just paste the code into 2 files (SafeCopyDemo.pl\, rdo.pl) as indicated.

# File​: SafeCopyDemo.pl # use strict; use warnings;

use Safe;

print "Running SafeCopyDemo\n";

do_copy_file(@​ARGV);

sub some_sub { }

sub do_copy_file {   if (@​_ != 2)   {   print ("Usage​: SafeCopyDemo.pl from_file to_file\n");   return;   }   my ($from_filespec\, $to_filespec) = @​_;   print "do_copy_file​: Copying from $from_filespec to $to_filespec\n";   my $cpt = load_compartment(__PACKAGE__\, 'some_sub');

  if (defined($cpt) && exists &{$cpt->varglob('copy_file')})   {   print "do_copy_file​: Calling rdo.pl copy_file\n";   &{$cpt->varglob('copy_file')}($from_filespec\, $to_filespec);   } }

sub load_compartment {   my ($package\, @​subs) = @​_;   my $cpt;   print "load_compartment\n";   if (-f 'rdo.pl')   {   $cpt = new Safe;   print "load_compartment​: Doing rdo.pl\n";   $cpt->share_from('main'\, [ '%ENV' ]);   $cpt->share_from($package\, [ @​subs ]);   $cpt->deny_only();   $cpt->rdo('rdo.pl');   if ($@​)   {   die "Thrown exception from rdo.pl​: $@​\n";   }   }   return $cpt; }

# File rdo.pl # use strict; use warnings;

use File​::Copy;

print "Loading rdo.pl\n";

sub copy_file {   my ($from_filespec\, $to_filespec) = @​_;

  copy ($from_filespec\, $to_filespec);

  print "\tCopied $from_filespec to $to_filespec\n"; }

# Begin File​::Copy Test on Perl 5.8

Running SafeCopyDemo do_copy_file​: Copying from XXX to YYY load_compartment load_compartment​: Doing rdo.pl Loading rdo.pl do_copy_file​: Calling rdo.pl copy_file Unable to create sub named "*Config​::launcher" at C​:/Perl/lib/Config.p +m line 71.

# End File​::Copy Test on Perl 5.8

Perl Info

``` Flags: category=core severity=high Site configuration information for perl v5.8.8: Configured by SYSTEM at Tue Jul 31 19:34:29 2007. Summary of my perl5 (revision 5 version 8 subversion 8) configuration: Platform: osname=MSWin32, osvers=5.00, archname=MSWin32-x86-multi-thread uname='' config_args='undef' hint=recommended, useposix=true, d_sigaction=undef usethreads=define use5005threads=undef useithreads=define usemultiplicity=define useperlio=define d_sfio=undef uselargefiles=define usesocks=undef use64bitint=undef use64bitall=undef uselongdouble=undef usemymalloc=n, bincompat5005=undef Compiler: cc='cl', ccflags ='-nologo -GF -W3 -MD -Zi -DNDEBUG -O1 -DWIN32 -D_CONSOLE -DNO_STRICT -DHAVE_DES_FCRYPT -DNO_HASH_SEED -DUSE_SITECUSTOMIZE -DPRIVLIB_LAST_IN_INC -DPERL_IMPLICIT_CONTEXT -DPERL_IMPLICIT_SYS -DUSE_PERLIO -DPERL_MSVCRT_READFIX', optimize='-MD -Zi -DNDEBUG -O1', cppflags='-DWIN32' ccversion='12.00.8804', gccversion='', gccosandvers='' intsize=4, longsize=4, ptrsize=4, doublesize=8, byteorder=1234 d_longlong=undef, longlongsize=8, d_longdbl=define, longdblsize=8 ivtype='long', ivsize=4, nvtype='double', nvsize=8, Off_t='__int64', lseeksize=8 alignbytes=8, prototype=define Linker and Libraries: ld='link', ldflags ='-nologo -nodefaultlib -debug -opt:ref,icf -libpath:"C:\Perl\lib\CORE" -machine:x86' libpth=\lib libs= oldnames.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib netapi32.lib uuid.lib ws2_32.lib mpr.lib winmm.lib version.lib odbc32.lib odbccp32.lib msvcrt.lib perllibs= oldnames.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib netapi32.lib uuid.lib ws2_32.lib mpr.lib winmm.lib version.lib odbc32.lib odbccp32.lib msvcrt.lib libc=msvcrt.lib, so=dll, useshrplib=true, libperl=perl58.lib gnulibc_version='' Dynamic Linking: dlsrc=dl_win32.xs, dlext=dll, d_dlsymun=undef, ccdlflags=' ' cccdlflags=' ', lddlflags='-dll -nologo -nodefaultlib -debug -opt:ref,icf -libpath:"C:\Perl\lib\CORE" -machine:x86' Locally applied patches: ACTIVEPERL_LOCAL_PATCHES_ENTRY Iin_load_module moved for compatibility with build 806 Avoid signal flag SA_RESTART for older versions of HP-UX PerlEx support in CGI::Carp Less verbose ExtUtils::Install and Pod::Find Patch for CAN-2005-0448 from Debian with modifications Rearrange @INC so that 'site' is searched before 'perl' Partly reverted 24733 to preserve binary compatibility MAINT31223 plus additional changes 31490 Problem bootstraping Win32CORE 31324 Fix DynaLoader::dl_findfile() to locate .so files again 31214 Win32::GetLastError fails when first called 31211 Restore Windows NT support 31188 Problem killing a pseudo-forked child on Win32 29732 ANSIfy the PATH environment variable on Windows 27527,29868 win32_async_check() can loop indefinitely 26970 Make Passive mode the default for Net::FTP 26379 Fix alarm() for Windows 2003 24699 ICMP_UNREACHABLE handling in Net::Ping @INC for perl v5.8.8: C:/Perl/site/lib C:/Perl/lib . Environment for perl v5.8.8: HOME (unset) LANG (unset) LANGUAGE (unset) LD_LIBRARY_PATH (unset) LOGDIR (unset) PATH=C:\Program Files\Microsoft.NET\SDK\v1.1\bin;C:\Program Files\Microsoft Visual Studio .NET 2003\Common7\IDE;C:\Program Files\Microsoft Visual Studio .NET 2003\VC7\BIN;C:\Program Files\Microsoft Visual Studio .NET 2003\Common7\Tools;C:\Program Files\Microsoft Visual Studio .NET 2003\Common7\Tools\bin\prerelease;C:\Program Files\Microsoft Visual Studio .NET 2003\Common7\Tools\bin;C:\Program Files\Microsoft Visual Studio .NET 2003\SDK\v1.1\bin;C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322;C:\WINDOWS\system32;;C:\Program Files\Java\jdk1.5.0_04\bin;C:\Program Files\Java\apache-ant-1.6.5\bin;C:\Program Files\Java\Apache Software Foundation\ActiveMQ\apache-activemq-4.1.1\bin;C:\Program Files\Java\java_ee_sdk-5_03\bin;C:\Perl\bin;C:\Documents and Settings\Daddy\My Documents\Work\auto\glb\tool\Windows\bin PERLPATH=C:\Perl PERL_BADLANG (unset) SHELL (unset) ```

[p5pRT]

From @rgs

2008/8/3 via RT tggbiz \perlbug\-followup@​perl\.org​:

Copying files does not work in a Safe compartment\, despite an empty deny only list. [...]

Running SafeCopyDemo do_copy_file​: Copying from XXX to YYY load_compartment load_compartment​: Doing rdo.pl Loading rdo.pl do_copy_file​: Calling rdo.pl copy_file Unable to create sub named "*Config​::launcher" at C​:/Perl/lib/Config.p +m line 71.

I think that\, as with most bugs of this type with Safe\, careful use of the share() function to import the wanted namespaces into the Safe compartment can solve your problem.

[p5pRT]

The RT System itself - Status changed from 'new' to 'open'

[p5pRT]

From tggbiz@ntlworld.com

I thought I'd better add that the problem exists with Perl 5.10 as well as 5.8 & the sympoms are exactly the same - see results and Perl version information below.

Can you give me an estimate as to when you might have a workaround or fix on 5.8 or 5.10?

Thanks\,

Tom

C​:\GLB\test\newtest\SafeCopyDemo>perl SafeCopyDemo.pl xxx yyy Running SafeCopyDemo do_copy_file​: Copying from xxx to yyy load_compartment load_compartment​: Doing rdo.pl Loading rdo.pl do_copy_file​: Calling rdo.pl copy_file Unable to create sub named "*Config​::launcher" at C​:/Perl/lib/Config.pm line 71.

C​:\GLB\test\newtest\SafeCopyDemo>perl -v

This is perl\, v5.10.0 built for MSWin32-x86-multi-thread (with 5 registered patches\, see perl -V for more detail)

Copyright 1987-2007\, Larry Wall

Binary build 1003 [285500] provided by ActiveState http​://www.ActiveState.com Built May 13 2008 16​:52​:49

Perl may be copied only under the terms of either the Artistic License or the GNU General Public License\, which may be found in the Perl 5 source kit.

Complete documentation for Perl\, including FAQ lists\, should be found on this system using "man perl" or "perldoc perl". If you have access to the Internet\, point your browser at http​://www.perl.org/\, the Perl Home Page.

C​:\GLB\test\newtest\SafeCopyDemo>perl -V Summary of my perl5 (revision 5 version 10 subversion 0) configuration​:   Platform​:   osname=MSWin32\, osvers=5.00\, archname=MSWin32-x86-multi-thread   uname=''   config_args='undef'   hint=recommended\, useposix=true\, d_sigaction=undef   useithreads=define\, usemultiplicity=define   useperlio=define\, d_sfio=undef\, uselargefiles=define\, usesocks=undef   use64bitint=undef\, use64bitall=undef\, uselongdouble=undef   usemymalloc=n\, bincompat5005=undef   Compiler​:   cc='cl'\, ccflags ='-nologo -GF -W3 -MD -Zi -DNDEBUG -O1 -DWIN32 -D_CONSOLE -DNO_STRICT -DHAVE_DES_FCRYPT -DUSE_SITECUSTOMIZE -DPRIVLIB_LAST_IN_INC -DPERL_IMPLICIT_CONTEXT -DPERL_IMPLICIT_SYS -DUSE_PERLIO -DPERL_MSVCRT_READFIX'\,   optimize='-MD -Zi -DNDEBUG -O1'\,   cppflags='-DWIN32'   ccversion='13.10.3077'\, gccversion=''\, gccosandvers=''   intsize=4\, longsize=4\, ptrsize=4\, doublesize=8\, byteorder=1234   d_longlong=undef\, longlongsize=8\, d_longdbl=define\, longdblsize=10   ivtype='long'\, ivsize=4\, nvtype='double'\, nvsize=8\, Off_t='__int64'\, lseeksize=8   alignbytes=8\, prototype=define   Linker and Libraries​:   ld='link'\, ldflags '-nologo -nodefaultlib -debug -opt​:ref\,icf -libpath​:"C​:\Perl\lib\CORE" -machine​:x86'   libpth=\lib   libs= oldnames.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib netapi32.lib uuid.lib ws2_32.lib mpr.lib winmm.lib version.lib odbc32.lib odbccp32.lib msvcrt.lib   perllibs= oldnames.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib netapi32.lib uuid.lib ws2_32.lib mpr.lib winmm.lib version.lib odbc32.lib odbccp32.lib msvcrt.lib   libc=msvcrt.lib\, so=dll\, useshrplib=true\, libperl=perl510.lib   gnulibc_version=''   Dynamic Linking​:   dlsrc=dl_win32.xs\, dlext=dll\, d_dlsymun=undef\, ccdlflags=' '   cccdlflags=' '\, lddlflags='-dll -nologo -nodefaultlib -debug -opt​:ref\,icf -libpath​:"C​:\Perl\lib\CORE"   -machine​:x86'

Characteristics of this binary (from libperl)​:   Compile-time options​: MULTIPLICITY PERL_DONT_CREATE_GVSV   PERL_IMPLICIT_CONTEXT PERL_IMPLICIT_SYS   PERL_MALLOC_WRAP PL_OP_SLAB_ALLOC USE_ITHREADS   USE_LARGE_FILES USE_PERLIO USE_SITECUSTOMIZE   Locally applied patches​:   ActivePerl Build 1003 [285500]   33741 avoids segfaults invoking S_raise_signal() (on Linux)   33763 Win32 process ids can have more than 16 bits   32809 Load 'loadable object' with non-default file extension   32728 64-bit fix for Time​::Local   Built under MSWin32   Compiled at May 13 2008 16​:52​:49   %ENV​:   PERLPATH="C​:\Perl"   @​INC​:   C​:/Perl/site/lib   C​:/Perl/lib   .

----- Original Message ----- From​: \perlbug\-followup@​perl\.org To​: \tggbiz@​ntlworld\.com Sent​: Sunday\, August 03\, 2008 6​:45 PM Subject​: [perl #57552] perlbug AutoReply​: Problem with copying files in a Safe compartment

Greetings\,

This message has been automatically generated in response to the creation of a perl bug report regarding​: "Problem with copying files in a Safe compartment".

There is no need to reply to this message right now. Your ticket has been assigned an ID of [perl #57552]. Within the next 24-72 hours\, your message will be posted to the perl developers. Please be patient!

Please include the string​:

[perl #57552]

in the subject line of all future correspondence about this issue. To do so\, you may reply to this message (please delete unnecessary quotes and text.)

Thank you\, perlbug-followup@​perl.org

------------------------------------------------------------------------- CC​: \support@​ActiveState\.com MIME-Version​: 1.0 X-Spam-Status​: No\, hits=-5.9 required=8.0 tests=BAYES_00\,HTML_MESSAGE\,PERLBUG_CONF\,SPF_NEUTRAL X-Mailer​: Microsoft Outlook Express 6.00.2900.3138 X-Virus-Checked​: Checked X-Virus-Checked​: Checked X-Old-Spam-Check-BY​: la.mx.develooper.com Content-Type​: multipart/alternative; boundary="----=_NextPart_000_0015_01C8F599.0398DC10" Message-ID​: \001801c8f590$a369e120$6401a8c0@​daddyspc Received​: (qmail 28106 invoked from network); 3 Aug 2008 17​:45​:26 -0000 Received​: from localhost (HELO la.mx.develooper.com) (127.0.0.1) by localhost with SMTP; 3 Aug 2008 17​:45​:26 -0000 Received​: (qmail 28099 invoked by alias); 3 Aug 2008 17​:45​:26 -0000 Received​: from la.mx.develooper.com (HELO x1.develooper.com) (63.251.223.176) by la.mx.develooper.com (qpsmtpd/0.28) with SMTP; Sun\, 03 Aug 2008 10​:45​:09 -0700 Received​: (qmail 27856 invoked by uid 225); 3 Aug 2008 17​:45​:05 -0000 Received​: (qmail 27846 invoked by alias); 3 Aug 2008 17​:45​:04 -0000 Received​: from mtaout02-winn.ispmail.ntl.com (HELO mtaout02-winn.ispmail.ntl.com) (81.103.221.48) by la.mx.develooper.com (qpsmtpd/0.28) with ESMTP; Sun\, 03 Aug 2008 10​:44​:50 -0700 Received​: from aamtaout03-winn.ispmail.ntl.com ([81.103.221.35]) by mtaout02-winn.ispmail.ntl.com with ESMTP id \20080803174445\.CYIH21103\.mtaout02\-winn\.ispmail\.ntl\.com@​aamtaout03\-winn\.ispmail\.ntl\.com; Sun\, 3 Aug 2008 18​:44​:45 +0100 Received​: from daddyspc ([213.106.1.169]) by aamtaout03-winn.ispmail.ntl.com with SMTP id \20080803174444\.TCGQ29597\.aamtaout03\-winn\.ispmail\.ntl\.com@​daddyspc; Sun\, 3 Aug 2008 18​:44​:44 +0100 Delivered-To​: rt-perl5@​netlabs.develooper.com Delivered-To​: perlbug@​perl.org Subject​: Problem with copying files in a Safe compartment Return-Path​: \tggbiz@​ntlworld\.com X-Msmail-Priority​: Normal X-Spam-Check-BY​: la.mx.develooper.com X-Priority​: 3 X-Old-Spam-Status​: No\, hits=-6.6 required=8.0 tests=BAYES_00\,HTML_MESSAGE\,PERLBUG_CONF\,SPF_PASS Date​: Sun\, 3 Aug 2008 18​:44​:51 +0100 X-Mimeole​: Produced By Microsoft MimeOLE V6.00.2900.3198 To​: \perlbug@​perl\.org From​: "tggbiz" \tggbiz@​ntlworld\.com