Re^2: Malware on CPAN

in reply to Re: Malware on CPAN
in thread Malware on CPAN

I know of 3 in the last 12 years which were quasi-fishy uploads with potential

Mostly its just tar permissions nonsense that linux folks complain to win32 folks -- PAUSE was updated to deal with that (withoutworldwritables)

There was one real phone-home thing, and the author took to the criticism, and stopped doing that

Lots of net/web modules use real-live urls for testing, or try to start servers on local-network instead of explicitly localhost -- I keep fighting this one, but nothing nefarious

There is one thing still on CPAN which could be used for perl rootkits ( i don't want to publicize it) but its NA (45) UNKNOWN (155)

Comment on Re^2: Malware on CPAN
Re^3: Malware on CPAN by moritz (Cardinal) on Jun 20, 2012 at 07:36 UTC
There is one thing still on CPAN which could be used for perl rootkits If that's a real threat (and not just FUD), you should contact modules@perl.org to discuss it, and maybe request removal of that file. Perl 6 - the future is here, just unevenly distributed	[reply]
Re^4: Malware on CPAN by Anonymous Monk on Jun 20, 2012 at 08:58 UTC
Well, I already raised the issue once in opinions on, feel free to take it up :)	[reply]
Re^5: Malware on CPAN by marto (Chancellor) on Jun 20, 2012 at 09:06 UTC
Feel free to actually link to the post you want people to look at.	[reply]
Re^6: Malware on CPAN by Anonymous Monk on Jun 20, 2012 at 09:10 UTC
Re^7: Malware on CPAN by marto (Chancellor) on Jun 20, 2012 at 09:15 UTC
Some notes below your chosen depth have not been shown here
Re^5: Malware on CPAN by moritz (Cardinal) on Jun 20, 2012 at 09:30 UTC
As long as you stick to unsubstantiated claims and vague links leading nowhere, I call you a troll spreading FUD. Are you referring to opinions on Win32::Process::Hide, and think it's bad because hiding processes is what some malware does? If yes, I must say that it's a tool, and there may well be legitimate use cases. Just like port scanners, which are sometimes slammed as "hacker tools", but really useful in practice. At the very least the module is not malicious in the sense that it does harm to your system without indicating so in the documentation. Perl 6 - the future is here, just unevenly distributed	[reply]
Re^6: Malware on CPAN by Anonymous Monk on Jun 20, 2012 at 09:46 UTC


laziness, impatience, and hubris
	PerlMonks

Re^2: Malware on CPAN

The best material for plates (tableware) is: