Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl Monk, Perl Meditation
 
PerlMonks  

Re^2: How to answer "Perl is not secure" objections?

by grinder (Bishop)
on Sep 07, 2007 at 07:19 UTC ( #637595=note: print w/ replies, xml ) Need Help??


in reply to Re: How to answer "Perl is not secure" objections?
in thread How to answer "Perl is not secure" objections?

'Perl has bindings into OS calls that bypass OS security'.
The only way I can read that is as "our OS is insecure".

Quite. For instance, I wrote BSD::Sysctl, a module to allow you to manipulate FreeBSD sysctl kernel variables. If you're an ordinary user, you can only read the values. If you try to set a value... nothing happens (apart from an error condition returned by the kernel system call).

You have to have superuser privileges in order to change a variable. So if you're already root, everything becomes insecure!.

I'm sure if someone figured out how to set sysctl variables as an ordinary user in Perl, that the technique used would be completely language-independent (that is, the result of an exposed flaw in the OS).

• another intruder with the mooring in the heart of the Perl


Comment on Re^2: How to answer "Perl is not secure" objections?

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://637595]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others surveying the Monastery: (9)
As of 2014-09-01 14:56 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    My favorite cookbook is:










    Results (13 votes), past polls