Re: "Insecure dependency in eval while running setgid" error

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: "Insecure dependency in eval while running setgid" error

Subject: Re: "Insecure dependency in eval while running setgid" error
Date: Tue, 27 Mar 2007 09:29:33 -0700
From: Fred Moyer <suppressed>

suppressed wrote:

- I changed a mod_perl page to actually print out gid and egid. Both $(
and $) are actually a space seperated list of group ids, what I found is
that under mod_perl  I get:

$GID  	451 451
$EGID  	-19253340 451

451 is fliclearusers, the primary group of my account. I have no idea
where this negative number comes from. Certainly running perl -e 'print
$)' doesn't return it.

So I'm again at the stage where I'm thinking is is an issue with the
state of the perl/mod_perl interpreter rather than my code or a CPAN
module's code.

Can anyone shed any light on that negative egid value?   (/usr/bin/ps
certainly doesn't show such a value)

My guess as to why $EGID is negative is that it's exceeding 2**32/2 -it's signed int according to the source (mp1). The only reason I'mguessing here is that I had to fix a sprintf bug not too long ago whereour interpolated object ids were returning negative numbers because weexceeded 2 billion transactions in our system.


src/modules/perl/perl_util.c

668 void mod_perl_init_ids(void)  /* $$, $>, $), etc */
669 {
670     if(set_ids++) return;
671     sv_setiv(GvSV(gv_fetchpv("$", TRUE, SVt_PV)), (I32)getpid());
672 #ifndef WIN32
673     uid  = (int)getuid();
674     euid = (int)geteuid();
675     gid  = (int)getgid();
676     egid = (int)getegid();
677     MP_TRACE_g(fprintf(stderr,
678              "perl_init_ids: uid=%d, euid=%d, gid=%d, egid=%d\n",
679              uid, euid, gid, egid));
680 #endif
681 }

> What I found was if I changed my Website::Proxy module to load all
> modules on webserver startup (i.e. in it's own BEGIN block) rather
> than on demand then the eval errors there stopped. This seems to imply
> that the interpreter is getting into a confused state after some
> continued use.

Or maybe this is a bug in getegid where it's not clearing a previousmemory state. What platform is this on?

Question - are you preloading these modules in startup.pl or somethingsimilar? It sounds like you aren't from the snippet above.

Follow-Ups:
- Re: "Insecure dependency in eval while running setgid" error
  - From: Robert Landrum
- RE: "Insecure dependency in eval while running setgid" error
  - From: Sagar.Shah

References:
- RE: "Insecure dependency in eval while running setgid" error
  - From: Sagar.Shah

Prev by Date: Re: "Insecure dependency in eval while running setgid" error
Next by Date: [RELEASE CANDIDATE] Apache-SizeLimit 0.91 RC4
Previous by thread: Re: "Insecure dependency in eval while running setgid" error
Next by thread: Re: "Insecure dependency in eval while running setgid" error
Index(es):
- Date
- Thread

Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.