SPUG: Perl FUD
William Julien
moonbeam at catmanor.com
Tue Jul 25 13:51:56 CDT 2000
>
>> Given security issues, is it a good idea to be using PERL for our
>> tools?
>
>Does anyone have any good advice on how to respond to this? Keep in
>mind that this guy is my boss :-).
>
>Thanks
>Paul Farrall
>
How about quoting back to your boss the first paragraph in perldoc perlsec?
Perl is designed to make it easy to program securely even
when running with extra privileges, like setuid or setgid
programs. Unlike most command line shells, which are
based on multiple substitution passes on each line of the
script, Perl uses a more conventional evaluation scheme
with fewer hidden snags. Additionally, because the
language has more builtin functionality, it can rely less
upon external (and possibly untrustworthy) programs to
accomplish its purposes.
William Julien _,'| _.-''``-...___..--';
moonbeam at catmanor.com /, \'. _..-' , ,--...--'''
vi is my shepherd; < \ .`--''' ` /|
i shall not font. `-,;' ; ; ;
__...--'' __...--_..' .;.'
(,__....----''' (,..--''
perl -e 'print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);'
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
POST TO: spug-list at pm.org PROBLEMS: owner-spug-list at pm.org
Subscriptions; Email to majordomo at pm.org: ACTION LIST EMAIL
Replace ACTION by subscribe or unsubscribe, EMAIL by your Email-address
For full traffic, use spug-list for LIST ; otherwise use spug-list-digest
Seattle Perl Users Group (SPUG) Home Page: http://www.halcyon.com/spug/
More information about the spug-list
mailing list