Beefy Boxes and Bandwidth Generously Provided by pair Networks
Just another Perl shrine
 
PerlMonks  

Re: Malware on CPAN

by moritz (Cardinal)
on Jun 20, 2012 at 05:16 UTC ( #977221=note: print w/ replies, xml ) Need Help??


in reply to Malware on CPAN

I haven't heard of any malicious code upload to CPAN.


Comment on Re: Malware on CPAN
Re^2: Malware on CPAN
by Anonymous Monk on Jun 20, 2012 at 06:15 UTC

    I know of 3 in the last 12 years which were quasi-fishy uploads with potential

    Mostly its just tar permissions nonsense that linux folks complain to win32 folks -- PAUSE was updated to deal with that (withoutworldwritables)

    There was one real phone-home thing, and the author took to the criticism, and stopped doing that

    Lots of net/web modules use real-live urls for testing, or try to start servers on local-network instead of explicitly localhost -- I keep fighting this one, but nothing nefarious

    There is one thing still on CPAN which could be used for perl rootkits ( i don't want to publicize it) but its NA (45) UNKNOWN (155)

        Well, I already raised the issue once in opinions on, feel free to take it up :)

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://977221]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others imbibing at the Monastery: (3)
As of 2014-07-30 22:12 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    My favorite superfluous repetitious redundant duplicative phrase is:









    Results (241 votes), past polls