|
Packit |
a89ea5 |
#!/usr/bin/perl -w
|
|
Packit |
a89ea5 |
# Test for File::Temp - Security levels
|
|
Packit |
a89ea5 |
|
|
Packit |
a89ea5 |
# Some of the security checking will not work on all platforms
|
|
Packit |
a89ea5 |
# Test a simple open in the cwd and tmpdir foreach of the
|
|
Packit |
a89ea5 |
# security levels
|
|
Packit |
a89ea5 |
|
|
Packit |
a89ea5 |
use Test::More tests => 12;
|
|
Packit |
a89ea5 |
|
|
Packit |
a89ea5 |
use strict;
|
|
Packit |
a89ea5 |
use File::Spec;
|
|
Packit |
a89ea5 |
|
|
Packit |
a89ea5 |
# Set up END block - this needs to happen before we load
|
|
Packit |
a89ea5 |
# File::Temp since this END block must be evaluated after the
|
|
Packit |
a89ea5 |
# END block configured by File::Temp
|
|
Packit |
a89ea5 |
my @files; # list of files to remove
|
|
Packit |
a89ea5 |
END { foreach (@files) { ok( !(-e $_) )} }
|
|
Packit |
a89ea5 |
|
|
Packit |
a89ea5 |
use File::Temp qw/ tempfile unlink0 /;
|
|
Packit |
a89ea5 |
|
|
Packit |
a89ea5 |
# The high security tests must currently be skipped on some platforms
|
|
Packit |
a89ea5 |
my $skipplat = ( (
|
|
Packit |
a89ea5 |
# No sticky bits.
|
|
Packit |
a89ea5 |
$^O eq 'MSWin32' || $^O eq 'NetWare' || $^O eq 'os2' || $^O eq 'dos' || $^O eq 'mpeix' || $^O eq 'MacOS'
|
|
Packit |
a89ea5 |
) ? 1 : 0 );
|
|
Packit |
a89ea5 |
|
|
Packit |
a89ea5 |
# Can not run high security tests in perls before 5.6.0
|
|
Packit |
a89ea5 |
my $skipperl = ($] < 5.006 ? 1 : 0 );
|
|
Packit |
a89ea5 |
|
|
Packit |
a89ea5 |
# Determine whether we need to skip things and why
|
|
Packit |
a89ea5 |
my $skip = 0;
|
|
Packit |
a89ea5 |
if ($skipplat) {
|
|
Packit |
a89ea5 |
$skip = "Not supported on this platform";
|
|
Packit |
a89ea5 |
} elsif ($skipperl) {
|
|
Packit |
a89ea5 |
$skip = "Perl version must be v5.6.0 for these tests";
|
|
Packit |
a89ea5 |
|
|
Packit |
a89ea5 |
}
|
|
Packit |
a89ea5 |
|
|
Packit |
a89ea5 |
print "# We will be skipping some tests : $skip\n" if $skip;
|
|
Packit |
a89ea5 |
|
|
Packit |
a89ea5 |
# start off with basic checking
|
|
Packit |
a89ea5 |
|
|
Packit |
a89ea5 |
File::Temp->safe_level( File::Temp::STANDARD );
|
|
Packit |
a89ea5 |
|
|
Packit |
a89ea5 |
print "# Testing with STANDARD security...\n";
|
|
Packit |
a89ea5 |
|
|
Packit |
a89ea5 |
test_security();
|
|
Packit |
a89ea5 |
|
|
Packit |
a89ea5 |
SKIP: {
|
|
Packit |
a89ea5 |
skip $skip, 8 if $skip;
|
|
Packit |
a89ea5 |
|
|
Packit |
a89ea5 |
# Try medium
|
|
Packit |
a89ea5 |
|
|
Packit |
a89ea5 |
File::Temp->safe_level( File::Temp::MEDIUM );
|
|
Packit |
a89ea5 |
|
|
Packit |
a89ea5 |
print "# Testing with MEDIUM security...\n";
|
|
Packit |
a89ea5 |
|
|
Packit |
a89ea5 |
# Now we need to start skipping tests
|
|
Packit |
a89ea5 |
test_security();
|
|
Packit |
a89ea5 |
|
|
Packit |
a89ea5 |
# Try HIGH
|
|
Packit |
a89ea5 |
|
|
Packit |
a89ea5 |
File::Temp->safe_level( File::Temp::HIGH );
|
|
Packit |
a89ea5 |
|
|
Packit |
a89ea5 |
print "# Testing with HIGH security...\n";
|
|
Packit |
a89ea5 |
|
|
Packit |
a89ea5 |
test_security();
|
|
Packit |
a89ea5 |
}
|
|
Packit |
a89ea5 |
|
|
Packit |
a89ea5 |
exit;
|
|
Packit |
a89ea5 |
|
|
Packit |
a89ea5 |
# Subroutine to open two temporary files.
|
|
Packit |
a89ea5 |
# one is opened in the current dir and the other in the temp dir
|
|
Packit |
a89ea5 |
|
|
Packit |
a89ea5 |
sub test_security {
|
|
Packit |
a89ea5 |
|
|
Packit |
a89ea5 |
# Create the tempfile
|
|
Packit |
a89ea5 |
my $template = "tmpXXXXX";
|
|
Packit |
a89ea5 |
my ($fh1, $fname1) = eval { tempfile ( $template,
|
|
Packit |
a89ea5 |
DIR => File::Temp::_wrap_file_spec_tmpdir(),
|
|
Packit |
a89ea5 |
UNLINK => 1,
|
|
Packit |
a89ea5 |
);
|
|
Packit |
a89ea5 |
};
|
|
Packit |
a89ea5 |
|
|
Packit |
a89ea5 |
SKIP: {
|
|
Packit |
a89ea5 |
if (defined $fname1) {
|
|
Packit |
a89ea5 |
print "# fname1 = $fname1\n";
|
|
Packit |
a89ea5 |
ok( (-e $fname1) );
|
|
Packit |
a89ea5 |
push(@files, $fname1); # store for end block
|
|
Packit |
a89ea5 |
} elsif (File::Temp->safe_level() != File::Temp::STANDARD) {
|
|
Packit |
a89ea5 |
chomp($@);
|
|
Packit |
a89ea5 |
my $msg = File::Temp::_wrap_file_spec_tmpdir() . " possibly insecure: $@";
|
|
Packit |
a89ea5 |
skip $msg, 2; # one here and one in END
|
|
Packit |
a89ea5 |
} else {
|
|
Packit |
a89ea5 |
ok(0);
|
|
Packit |
a89ea5 |
}
|
|
Packit |
a89ea5 |
}
|
|
Packit |
a89ea5 |
|
|
Packit |
a89ea5 |
SKIP: {
|
|
Packit |
a89ea5 |
# Explicitly
|
|
Packit |
a89ea5 |
if ( $< < File::Temp->top_system_uid() ){
|
|
Packit |
a89ea5 |
skip("Skip Test inappropriate for root", 2);
|
|
Packit |
a89ea5 |
return;
|
|
Packit |
a89ea5 |
}
|
|
Packit |
a89ea5 |
my ($fh2, $fname2) = eval { tempfile ($template, UNLINK => 1 ); };
|
|
Packit |
a89ea5 |
if (defined $fname2) {
|
|
Packit |
a89ea5 |
print "# fname2 = $fname2\n";
|
|
Packit |
a89ea5 |
ok( (-e $fname2) );
|
|
Packit |
a89ea5 |
push(@files, $fname2); # store for end block
|
|
Packit |
a89ea5 |
close($fh2);
|
|
Packit |
a89ea5 |
} elsif (File::Temp->safe_level() != File::Temp::STANDARD) {
|
|
Packit |
a89ea5 |
chomp($@);
|
|
Packit |
a89ea5 |
my $msg = "current directory possibly insecure: $@";
|
|
Packit |
a89ea5 |
skip $msg, 2; # one here and one in END
|
|
Packit |
a89ea5 |
} else {
|
|
Packit |
a89ea5 |
ok(0);
|
|
Packit |
a89ea5 |
}
|
|
Packit |
a89ea5 |
}
|
|
Packit |
a89ea5 |
}
|
|
Packit |
a89ea5 |
|
|
Packit |
a89ea5 |
# vim: ts=2 sts=2 sw=2 et:
|