PerlApp created executable not running with nonexec permission on /tmp directory

Posted by munish.usit@gmail.com on 2016-08-31 21:04

Hi,

We are using PerlApp to create freestanding executable from perl script.
When the executable built with PerlApp runs, it extracts its dynamic object files in the /tmp/pdk directory. However, it is not working on those systems which have some security permission like nonexec and non writable on /tmp directory.

Our application run on different ports and the problem is same on Window,Linu and AIX platform.

Is there any solution to link all the perl libraries in the executable itself so that when application run it loads the libraries directly from memory without ever writing them to disk.

Thanks,
Munish

grahams
ActiveState Staff
Thu, 2016-09-01 08:55

PerlApp already loads as much as possible into memory. If it needs to use /tmp for resources it's because those resources can't be reliably loaded from memory. It's the dynamic loader that handles finding the objects. Consistently changing that behaviour needs an operating system hack.

If you can require your users to create a new "tmp" area with write and execute permissions, you can rewrap your script using:
--tmpdir path
Specify an alternate location for the /tmp directory. This can be used in scenarios where /tmp is not writeable (e.g. for some virtual web servers hosted by ISPs). This option should only be used with an absolute pathname.
tmpdir cannot be changed retroactively. Existing wrapped files would need to be replaced.

If that's not possible, a workaround is to avoid using binary modules.
Another workaround is to custom compile the binary modules so that all resources are static linked. This results in very large files, and can have significant licensing liability.

munish.usit@gma... | Mon, 2016-09-05 22:57

Hi Grahams,

Thanks for providing detailed information.
The first solution - alternative temp dir path is not feasible for us as our customer doesn't recommend to create an alternative temp directory.

However, I can work on the second option. Could you please help me out on this and provide more information on how to statically compile the binary modules.

Thanks,
Munish

grahams
ActiveState Staff
Tue, 2016-09-06 10:47

We don't offer support on the usage of compilers or on the issues that can occur when compiling Perl.

StackOverflow does have some discussions that are related. IE:
http://stackoverflow.com/questions/6578484/telling-gcc-directly-to-link-...