http://www.perlmonks.org?node_id=977221


in reply to Malware on CPAN

I haven't heard of any malicious code upload to CPAN.

Re^2: Malware on CPAN
by Anonymous Monk on Jun 20, 2012 at 06:15 UTC

    I know of 3 in the last 12 years which were quasi-fishy uploads with potential

    Mostly it's just tar permissions nonsense that Linux folks complain to Win32 folks about -- PAUSE was updated to deal with that (withoutworldwritables)

    There was one real phone-home thing, and the author took to the criticism, and stopped doing that

    Lots of net/web modules use real-live URLs for testing, or try to start servers on local-network instead of explicitly localhost -- I keep fighting this one, but nothing nefarious

    There is one thing still on CPAN which could be used for Perl rootkits (I don't want to publicize it) but it's NA (45) UNKNOWN (155)

        Well, I already raised the issue once in opinions on, feel free to take it up :)
