* Disable taint checking for all builds as people keep complaining about it,

  and since all versions of perl seem to be hopelessly broken.

diff --git a/Makefile.PL b/Makefile.PL
index cfaa6e6cda31701b03fd8edb15cc48ff4e21fdad..6162743f3e9e67b85bab78915d708715ef27795d 100755 (executable)
--- a/Makefile.PL
+++ b/Makefile.PL
@@ -23,7 +23,7 @@ PROBABLE_INST_LIB=$(shell \\
        fi \\
 )
 
-tflag=$(shell if [ "$$NOTAINT" != 1 ]; then printf -- "-T"; fi)
+tflag=$(shell if [ -n "$$NOTAINT" ] && [ "$$NOTAINT" != 1 ]; then printf -- "-T"; fi)
 extramodules=$(shell if [ "$$PROFILE" = 1 ]; then printf -- "-MDevel::Profiler"; fi)
 
 ikiwiki.out: ikiwiki.in

diff --git a/README b/README
index ba632a300399d4a58c1242435f17a447a35ef914..488ef7191596253107cc6e63814c4b313d4fb2fd 100644 (file)
--- a/README
+++ b/README
@@ -5,7 +5,7 @@ A few special variables you can set while using the Makefile:
 
 PROFILE=1 turns on profiling for the build of the doc wiki. Uses Devel::Profile
 
-NOTAINT=1 turns off the taint flag in the ikiwiki program. (Recommended
+NOTAINT=0 turns on the taint flag in the ikiwiki program. (Not recommended
 unless your perl is less buggy than mine -- see
 http://bugs.debian.org/411786)
 

diff --git a/debian/changelog b/debian/changelog
index cd66d3c5b77149b938dddfacac4800e443c8c6e6..093ca0f6cbd3bd9ad489a3cb6e855c00d995ac12 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -44,6 +44,8 @@ ikiwiki (2.40) UNRELEASED; urgency=low
     about any other files rendered due to the page. The scan also turns out
     to be unnecessary now, since meta persistently stores state and it's
     always available. So it was just removed.
+  * Disable taint checking for all builds as people keep complaining about it,
+    and since all versions of perl seem to be hopelessly broken.
 
  -- Josh Triplett <josh@freedesktop.org>  Sun, 10 Feb 2008 13:18:58 -0800
 

diff --git a/debian/rules b/debian/rules
index bf0c65a43e6a1b93de4ce764fbd021ca02593442..af33131d9b92554414e67258a2aa397374ef5ce3 100755 (executable)
--- a/debian/rules
+++ b/debian/rules
@@ -4,8 +4,7 @@ build: build-stamp
 build-stamp:
        dh_testdir
        perl Makefile.PL PREFIX=/usr INSTALLDIRS=vendor
-       # taint checking disabled due to perl bug #411786
-       NOTAINT=1 $(MAKE)
+       $(MAKE)
        $(MAKE) test
        touch build-stamp
 

diff --git a/doc/bugs/Insecure_dependency_in_utime.mdwn b/doc/bugs/Insecure_dependency_in_utime.mdwn
index f10905849b946e4bcb6c8856d226e64c62724ee5..de20385f61cea7f519ec92017a53cab62228031b 100644 (file)
--- a/doc/bugs/Insecure_dependency_in_utime.mdwn
+++ b/doc/bugs/Insecure_dependency_in_utime.mdwn
@@ -6,3 +6,9 @@ This was in ikiwiki\_2.32.3.
 I worked-around this by doing:
 
         utime IkiWiki::possibly_foolish_untaint($change->{when}), IkiWiki::possibly_foolish_untaint($change->{when}), "$config{srcdir}/$file
+
+> Don't build ikiwiki with taint checking. It's known to be broken in
+> apparently all versions of perl, apparently leaking taint flags at random.
+> See [[Insecure_dependency_in_mkdir]] --[[Joey]]
+
+[[tag done]]

diff --git a/po/ikiwiki.pot b/po/ikiwiki.pot
index 011ed3e986cd3fcb69e1b852fafe82dab914318a..1ccb583a74b2bc7cc8db90a94844375aa85eedfa 100644 (file)
--- a/po/ikiwiki.pot
+++ b/po/ikiwiki.pot
@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2008-02-11 23:03-0500\n"
+"POT-Creation-Date: 2008-02-24 15:37-0500\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -46,24 +46,24 @@ msgid "%s is not an editable page"
 msgstr ""
 
 #: ../IkiWiki/CGI.pm:384 ../IkiWiki/Plugin/brokenlinks.pm:24
-#: ../IkiWiki/Plugin/inline.pm:242 ../IkiWiki/Plugin/opendiscussion.pm:17
+#: ../IkiWiki/Plugin/inline.pm:237 ../IkiWiki/Plugin/opendiscussion.pm:17
 #: ../IkiWiki/Plugin/orphans.pm:28 ../IkiWiki/Render.pm:95
 #: ../IkiWiki/Render.pm:172
 msgid "discussion"
 msgstr ""
 
-#: ../IkiWiki/CGI.pm:431
+#: ../IkiWiki/CGI.pm:440
 #, perl-format
 msgid "creating %s"
 msgstr ""
 
-#: ../IkiWiki/CGI.pm:449 ../IkiWiki/CGI.pm:467 ../IkiWiki/CGI.pm:477
-#: ../IkiWiki/CGI.pm:511 ../IkiWiki/CGI.pm:555
+#: ../IkiWiki/CGI.pm:458 ../IkiWiki/CGI.pm:476 ../IkiWiki/CGI.pm:486
+#: ../IkiWiki/CGI.pm:520 ../IkiWiki/CGI.pm:564
 #, perl-format
 msgid "editing %s"
 msgstr ""
 
-#: ../IkiWiki/CGI.pm:644
+#: ../IkiWiki/CGI.pm:653
 msgid "You are banned."
 msgstr ""
 
@@ -209,20 +209,20 @@ msgstr ""
 msgid "unknown sort type %s"
 msgstr ""
 
-#: ../IkiWiki/Plugin/inline.pm:201
+#: ../IkiWiki/Plugin/inline.pm:196
 msgid "Add a new post titled:"
 msgstr ""
 
-#: ../IkiWiki/Plugin/inline.pm:217
+#: ../IkiWiki/Plugin/inline.pm:212
 #, perl-format
 msgid "nonexistant template %s"
 msgstr ""
 
-#: ../IkiWiki/Plugin/inline.pm:250 ../IkiWiki/Render.pm:99
+#: ../IkiWiki/Plugin/inline.pm:245 ../IkiWiki/Render.pm:99
 msgid "Discussion"
 msgstr ""
 
-#: ../IkiWiki/Plugin/inline.pm:468
+#: ../IkiWiki/Plugin/inline.pm:463
 msgid "RPC::XML::Client not found, not pinging"
 msgstr ""