From: http://rt.cpan.org/Public/Bug/Display.html?id=36982

diff -Naur perl-5.10.0.orig/lib/File/CVE-2008-2827.t perl-5.10.0/lib/File/CVE-2008-2827.t
--- perl-5.10.0.orig/lib/File/CVE-2008-2827.t	1970-01-01 00:00:00.000000000 +0000
+++ perl-5.10.0/lib/File/CVE-2008-2827.t	2008-10-22 00:15:52.000000000 +0000
@@ -0,0 +1,39 @@
+#!perl -w
+
+# Test case derived from http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487319
+
+my $foo = "foo-$$";
+my $bar = "bar-$$";
+
+die "Not clean [$foo] [$bar]" if -e $foo || -e $bar;
+
+eval {
+    symlink($foo, $bar) || die "Can't symlink $foo --> $bar";
+};
+if ($@) {
+    print "1..0 # Skipped: Only systems that can do symlinks are affected\n";
+    print "$@\n";
+    exit;
+}
+
+use Test;
+plan tests => 5;
+
+umask(0027);
+
+# touch foo
+open(my $fh, ">", $foo) || die "Can't create $foo\n";
+close($fh);
+
+my $m = (stat $foo)[2];
+ok(defined $m);
+
+require File::Path;
+ok(File::Path::rmtree($bar));
+ok(!-e $bar);
+
+# If the mode of $foo changed as a result of removing $bar then we are vulnerable
+ok($m, (stat $foo)[2]);
+
+unlink($foo);
+ok(!-e $foo);
diff -Naur perl-5.10.0.orig/lib/File/Path.pm perl-5.10.0/lib/File/Path.pm
--- perl-5.10.0.orig/lib/File/Path.pm	2007-12-18 10:47:07.000000000 +0000
+++ perl-5.10.0/lib/File/Path.pm	2008-10-22 00:15:52.000000000 +0000
@@ -350,9 +350,9 @@
                 next ROOT_DIR;
             }
 
-            my $nperm = $perm & 07777 | 0600;
-            if ($nperm != $perm and not chmod $nperm, $root) {
-                if ($Force_Writeable) {
+            if ($Force_Writeable) {
+                my $nperm = $perm & 07777 | 0600;
+                if ($nperm != $perm and not chmod $nperm, $root) {
                     _error($arg, "cannot make file writeable", $canon);
                 }
             }