summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJoey Hess <joey@kodama.kitenet.net>2008-02-24 15:42:43 -0500
committerJoey Hess <joey@kodama.kitenet.net>2008-02-24 15:42:43 -0500
commitd14bde197eb0704c4172ad7113cc9c739487e724 (patch)
tree9c38724cda38d0278d88e9def6d73f2185e1108a
parentf7303db5a194bff0e0c621efedc320cf9997d35e (diff)
* Disable taint checking for all builds as people keep complaining about it,
and since all versions of perl seem to be hopelessly broken.
-rwxr-xr-xMakefile.PL2
-rw-r--r--README2
-rw-r--r--debian/changelog2
-rwxr-xr-xdebian/rules3
-rw-r--r--doc/bugs/Insecure_dependency_in_utime.mdwn6
-rw-r--r--po/ikiwiki.pot20
6 files changed, 21 insertions, 14 deletions
diff --git a/Makefile.PL b/Makefile.PL
index cfaa6e6cd..6162743f3 100755
--- a/Makefile.PL
+++ b/Makefile.PL
@@ -23,7 +23,7 @@ PROBABLE_INST_LIB=$(shell \\
fi \\
)
-tflag=$(shell if [ "$$NOTAINT" != 1 ]; then printf -- "-T"; fi)
+tflag=$(shell if [ -n "$$NOTAINT" ] && [ "$$NOTAINT" != 1 ]; then printf -- "-T"; fi)
extramodules=$(shell if [ "$$PROFILE" = 1 ]; then printf -- "-MDevel::Profiler"; fi)
ikiwiki.out: ikiwiki.in
diff --git a/README b/README
index ba632a300..488ef7191 100644
--- a/README
+++ b/README
@@ -5,7 +5,7 @@ A few special variables you can set while using the Makefile:
PROFILE=1 turns on profiling for the build of the doc wiki. Uses Devel::Profile
-NOTAINT=1 turns off the taint flag in the ikiwiki program. (Recommended
+NOTAINT=0 turns on the taint flag in the ikiwiki program. (Not recommended
unless your perl is less buggy than mine -- see
http://bugs.debian.org/411786)
diff --git a/debian/changelog b/debian/changelog
index cd66d3c5b..093ca0f6c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -44,6 +44,8 @@ ikiwiki (2.40) UNRELEASED; urgency=low
about any other files rendered due to the page. The scan also turns out
to be unnecessary now, since meta persistently stores state and it's
always available. So it was just removed.
+ * Disable taint checking for all builds as people keep complaining about it,
+ and since all versions of perl seem to be hopelessly broken.
-- Josh Triplett <josh@freedesktop.org> Sun, 10 Feb 2008 13:18:58 -0800
diff --git a/debian/rules b/debian/rules
index bf0c65a43..af33131d9 100755
--- a/debian/rules
+++ b/debian/rules
@@ -4,8 +4,7 @@ build: build-stamp
build-stamp:
dh_testdir
perl Makefile.PL PREFIX=/usr INSTALLDIRS=vendor
- # taint checking disabled due to perl bug #411786
- NOTAINT=1 $(MAKE)
+ $(MAKE)
$(MAKE) test
touch build-stamp
diff --git a/doc/bugs/Insecure_dependency_in_utime.mdwn b/doc/bugs/Insecure_dependency_in_utime.mdwn
index f10905849..de20385f6 100644
--- a/doc/bugs/Insecure_dependency_in_utime.mdwn
+++ b/doc/bugs/Insecure_dependency_in_utime.mdwn
@@ -6,3 +6,9 @@ This was in ikiwiki\_2.32.3.
I worked-around this by doing:
utime IkiWiki::possibly_foolish_untaint($change->{when}), IkiWiki::possibly_foolish_untaint($change->{when}), "$config{srcdir}/$file
+
+> Don't build ikiwiki with taint checking. It's known to be broken in
+> apparently all versions of perl, apparently leaking taint flags at random.
+> See [[Insecure_dependency_in_mkdir]] --[[Joey]]
+
+[[tag done]]
diff --git a/po/ikiwiki.pot b/po/ikiwiki.pot
index 011ed3e98..1ccb583a7 100644
--- a/po/ikiwiki.pot
+++ b/po/ikiwiki.pot
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2008-02-11 23:03-0500\n"
+"POT-Creation-Date: 2008-02-24 15:37-0500\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -46,24 +46,24 @@ msgid "%s is not an editable page"
msgstr ""
#: ../IkiWiki/CGI.pm:384 ../IkiWiki/Plugin/brokenlinks.pm:24
-#: ../IkiWiki/Plugin/inline.pm:242 ../IkiWiki/Plugin/opendiscussion.pm:17
+#: ../IkiWiki/Plugin/inline.pm:237 ../IkiWiki/Plugin/opendiscussion.pm:17
#: ../IkiWiki/Plugin/orphans.pm:28 ../IkiWiki/Render.pm:95
#: ../IkiWiki/Render.pm:172
msgid "discussion"
msgstr ""
-#: ../IkiWiki/CGI.pm:431
+#: ../IkiWiki/CGI.pm:440
#, perl-format
msgid "creating %s"
msgstr ""
-#: ../IkiWiki/CGI.pm:449 ../IkiWiki/CGI.pm:467 ../IkiWiki/CGI.pm:477
-#: ../IkiWiki/CGI.pm:511 ../IkiWiki/CGI.pm:555
+#: ../IkiWiki/CGI.pm:458 ../IkiWiki/CGI.pm:476 ../IkiWiki/CGI.pm:486
+#: ../IkiWiki/CGI.pm:520 ../IkiWiki/CGI.pm:564
#, perl-format
msgid "editing %s"
msgstr ""
-#: ../IkiWiki/CGI.pm:644
+#: ../IkiWiki/CGI.pm:653
msgid "You are banned."
msgstr ""
@@ -209,20 +209,20 @@ msgstr ""
msgid "unknown sort type %s"
msgstr ""
-#: ../IkiWiki/Plugin/inline.pm:201
+#: ../IkiWiki/Plugin/inline.pm:196
msgid "Add a new post titled:"
msgstr ""
-#: ../IkiWiki/Plugin/inline.pm:217
+#: ../IkiWiki/Plugin/inline.pm:212
#, perl-format
msgid "nonexistant template %s"
msgstr ""
-#: ../IkiWiki/Plugin/inline.pm:250 ../IkiWiki/Render.pm:99
+#: ../IkiWiki/Plugin/inline.pm:245 ../IkiWiki/Render.pm:99
msgid "Discussion"
msgstr ""
-#: ../IkiWiki/Plugin/inline.pm:468
+#: ../IkiWiki/Plugin/inline.pm:463
msgid "RPC::XML::Client not found, not pinging"
msgstr ""