Currently, File::Temp calls POSIX::sysconf where it ought to be calling POSIX::pathconf instead, rendering one of its safety checks ineffective. https://github.com/Perl-Toolchain-Gang/File-Temp/commit/2de518ab67bf3c5be2525ea0a5d78f39de50074f.patch This might be worth carrying as a patch.
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=94ef94a19bf6264278a7e0d08014a0cf2ce6184b commit 94ef94a19bf6264278a7e0d08014a0cf2ce6184b Author: Sam James <sam@gentoo.org> AuthorDate: 2024-04-30 04:49:23 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2024-04-30 04:51:19 +0000 perl-core/File-Temp: fix _PC_CHOWN_RESTRICTED The wrong function was being used (POSIX::sysconf) to determine the value of _PC_CHOWN_RESTRICTED, neutering the security feature. Migrate to POSIX::pathconf, as is now recommended by the Perl documentation (https://github.com/Perl/perl5/pull/22161). This patch hasn't yet been merged upstream into File-Temp, but the documentation change rectifying the error in Perl itself has been merged, so I'm confident it's the right thing to do. Closes: https://bugs.gentoo.org/930949 Signed-off-by: Sam James <sam@gentoo.org> perl-core/File-Temp/File-Temp-0.231.100-r1.ebuild | 21 +++++++ ...p-0.231.100-pathconf-_PC_CHOWN_RESTRICTED.patch | 68 ++++++++++++++++++++++ 2 files changed, 89 insertions(+)
