search

leejo / cgi-fast

The new home for CGI::Fast, removing it from the original CGI.pm distribution
4 stars 5 forks source link

FCGI_SOCKET_PERM environment variable does not work properly #22

Open zhangyoufu opened 1 year ago

zhangyoufu commented 1 year ago

https://github.com/leejo/cgi-fast/blob/280de798aff8a122ae1725d9825f4c7a1654a370/lib/CGI/Fast.pm#L50-L57

chmod LIST Changes the permissions of a list of files. The first element of the list must be the numeric mode, which should probably be an octal number, and which definitely should not be a string of octal digits: 0644 is okay, but "0644" is not. Returns the number of files successfully changed. See also oct if all you have is a string.

leejo commented 1 year ago

Hi.

Can you be more explicit about "does not work properly"? It seems when this was added test coverage was also added to exercise it: https://github.com/leejo/cgi-fast/commit/e9ba61405acc589d70663c18e7155d6cdd78a0ab#diff-57190e78b777d72bce3bdb69a08d4f9d60bfb22110c0cd0ac31cd931d2267358. I assume this is down to the ENV variable being stringified, tweaking the test coverage here to prove the bug would be a good first step.

Thanks.

zhangyoufu commented 1 year ago

Can you be more explicit about "does not work properly"?

The chmod perldoc describes exactly what I am facing.

my $mode = "0644"; chmod $mode, "foo"; # !!! sets mode to --w----r-T

We need to change $ENV{FCGI_SOCKET_PERM} to oct($ENV{FCGI_SOCKET_PERM}).

leejo commented 1 year ago

Yes, that I understood. The problem here is backwards compatibility. If the FCGI_SOCKET_PERM environment variable has been passed in from the shell it will indeed be stringified, however if it is set as part of the process that then calls this (like the test) it could be octal already. Witness:

[leejohnson@lee-nuc J0 C1027 11:32:45 ]
/tmp > ls -l foo bar baz
-rw-rw-rw- 1 leejohnson 0 Dec  9 11:32 bar
-rw-rw-rw- 1 leejohnson 0 Dec  9 11:32 baz
-rw-rw-rw- 1 leejohnson 0 Dec  9 11:32 foo

[leejohnson@lee-nuc J0 C1028 11:32:50 ]
/tmp > perl -E'$ENV{FCGI_SOCKET_PERM}=0644; chmod( $ENV{FCGI_SOCKET_PERM},"foo" ); chmod( oct( $ENV{FCGI_SOCKET_PERM} ),"bar" );'

[leejohnson@lee-nuc J0 C1029 11:33:09 ]
/tmp > ls -l foo bar baz
-r---w---- 1 leejohnson 0 Dec  9 11:32 bar
-rw-rw-rw- 1 leejohnson 0 Dec  9 11:32 baz
-rw-r--r-- 1 leejohnson 0 Dec  9 11:32 foo

We don't get the correct perms on bar as we called oct on something that didn't need it, that's a regression. So we need to call oct on the ENV variable but only if it is stringified and not already octal...