This is not a security bug, or a bug at all in perl.

Software that executes commands under /tmp is not intrinsically
insecure.  Various hardening guides recommend mounting /tmp noexec
because it's harder for programmers to get security handling of files
under /tmp *right*; but an attempt to execute a command under /tmp is
not evidence that the programmer has gotten it wrong.

The perl package did not create the file
/tmp/ubuntu-drivers-common.config.55GJ8b and try to execute it.  This
was done by some other software that then invoked perl to try to
execute it.  Perl should not refuse to try to execute the command
because the path starts with "/tmp"; it should do what it has been
asked to do.

The specific path in use is suggestive of a debconf config script that
has been unpacked as part of the apt "pre-configuration" stage and is
being run from a temporary directory.  However, the normal interface for
this is /usr/sbin/dpkg-preconfigure as invoked via
/etc/apt/apt.conf.d/70debconf; and dpkg-preconfigure explicitly
specifies to extract the config script to /var/cache/debconf/tmp.ci in
order to avoid site policies that restrict execution of binaries under
/tmp.  So I do not know why this script has been unpacked to /tmp on
your system; that does not appear to be the normal flow of operation
(and also has not been, for decades).

Since there is not a confirmed security bug here, and since I don't know
where those files on your system came from, I am closing this bug
invalid.  If you can provide further information that would show this
path is coming from an Ubuntu package, it would be appropriate to reopen
the bug report and assign it to the corresponding package.

I am also marking this as a public non-security bug.

** Changed in: perl (Ubuntu)
       Status: New => Invalid

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to perl in Ubuntu.
https://bugs.launchpad.net/bugs/2043711

Title:
  Open3.pm tries to run code in /tmp when updating ubuntu-drivers-common

Status in perl package in Ubuntu:
  Invalid

Bug description:
  During update of ubuntu-drivers-common:

    Can't exec "/tmp/ubuntu-drivers-common.config.55GJ8b": Permission denied at /usr/lib/x86_64-linux-gnu/perl-base/IPC/Open3.pm line 178, <GEN0> line 1.
    open2: exec of /tmp/ubuntu-drivers-common.config.55GJ8b configure 1:0.9.6.2~0.22.04.4 failed: Permission denied at /usr/share/perl5/Debconf/ConfModule.pm line 59.
    Preconfiguring packages ...
    Can't exec "/tmp/ubuntu-drivers-common.config.uSPrCH": Permission denied at /usr/lib/x86_64-linux-gnu/perl-base/IPC/Open3.pm line 178, <GEN0> line 1.
    open2: exec of /tmp/ubuntu-drivers-common.config.uSPrCH configure 1:0.9.6.2~0.22.04.4 failed: Permission denied at /usr/share/perl5/Debconf/ConfModule.pm line 59.

  /tmp is mounted with noexec because running code from /tmp has been a
  vulnerability vector for several decades, hence reporting this as a
  vulnerability in perl-base.

  This error did not appear to prevent the update of
  ubuntu-drivers-common and "dpkg --verify ubuntu-drivers-common"
  returns 0.

  
___________________________________________________________________________________________________________

  Attempting to use the package search on this form by clicking the 🔍
  created a modal in which there is an error

    Sorry, something went wrong with your search. We've recorded what
  happened, and we'll fix it as soon as possible. (Error ID:
  OOPS-c80f71590b02908a1187b9f743c53eac)

  which is repeated with any attempt to search for a package.

  
___________________________________________________________________________________________________________

  Submitting this form gives an error

    "perl-base" does not exist in Ubuntu. Please choose a different
  package. If you're unsure, please select "I don't know"

    $ dpkg -S /usr/lib/x86_64-linux-gnu/perl-base/IPC/Open3.pm
    perl-base: /usr/lib/x86_64-linux-gnu/perl-base/IPC/Open3.pm
    $ dpkg -l perl-base
    Desired=Unknown/Install/Remove/Purge/Hold
    | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
    |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
    ||/ Name           Version           Architecture Description
    +++-==============-=================-============-=============================>
    ii  perl-base      5.34.0-3ubuntu1.2 amd64        minimal Perl system

  Looks like a package to me. Nevertheless, using "Did you mean..."
  offers "perl".

  ProblemType: Bug
  DistroRelease: Ubuntu 22.04
  Package: perl-base 5.34.0-3ubuntu1.2
  ProcVersionSignature: Ubuntu 6.5.0-1007.7-oem 6.5.3
  Uname: Linux 6.5.0-1007-oem x86_64
  ApportVersion: 2.20.11-0ubuntu82.5
  Architecture: amd64
  CasperMD5CheckResult: unknown
  CurrentDesktop: ubuntu:GNOME
  Date: Thu Nov 16 10:08:48 2023
  InstallationDate: Installed on 2016-04-23 (2763 days ago)
  InstallationMedia: Ubuntu 16.04 LTS "Xenial Xerus" - Release amd64 (20160420.1)
  ProcEnviron:
   TERM=rxvt
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=<set>
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  SourcePackage: perl
  UpgradeStatus: Upgraded to jammy on 2022-08-19 (453 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/perl/+bug/2043711/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp
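
The message above turns on which filesystem a debconf config script is unpacked to: /tmp (mounted noexec on the reporter's system) or /var/cache/debconf/tmp.ci. The following is an added example, not part of the original message or of any Ubuntu package, that resolves a path to its mount by longest mount-point prefix and reports whether noexec applies; the function names and the mount table are constructed for illustration.

```shell
#!/bin/sh
# Added example: which mount options apply to a given path?
# Function names and the sample mount table are constructed for illustration.

# Print the options of the mount that holds PATH (longest mount-point prefix;
# on ties the later entry wins, as a later mount shadows an earlier one).
mount_opts_for() {
    path=$1
    table=${2:-/proc/mounts}
    best_len=-1
    best_opts=
    while read -r _dev mnt _type opts _rest; do
        case "$path/" in
            "${mnt%/}/"*)
                if [ "${#mnt}" -ge "$best_len" ]; then
                    best_len=${#mnt}
                    best_opts=$opts
                fi
                ;;
        esac
    done < "$table"
    printf '%s\n' "$best_opts"
}

# Succeed if PATH sits on a filesystem mounted noexec.
is_noexec() {
    case ",$(mount_opts_for "$1" "${2:-/proc/mounts}")," in
        *,noexec,*) return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed mount table: /tmp hardened with noexec, /var left executable.
SAMPLE=$(mktemp)
trap 'rm -f "$SAMPLE"' EXIT
cat > "$SAMPLE" <<'EOF'
/dev/sda2 / ext4 rw,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev,noexec 0 0
/dev/sda3 /var ext4 rw,relatime 0 0
EOF

for p in /tmp/ubuntu-drivers-common.config.55GJ8b /var/cache/debconf/tmp.ci; do
    if is_noexec "$p" "$SAMPLE"; then
        echo "$p: noexec, exec() fails with EACCES"
    else
        echo "$p: exec allowed"
    fi
done
```

Calling `is_noexec PATH` without a second argument reads the live table from /proc/mounts.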
