Beefy Boxes and Bandwidth Generously Provided by pair Networks
We don't bite newbies here... much

Re^2: Malware on CPAN

by Anonymous Monk
on Jun 20, 2012 at 06:15 UTC ( #977232=note: print w/replies, xml ) Need Help??

in reply to Re: Malware on CPAN
in thread Malware on CPAN

I know of 3 in the last 12 years which were quasi-fishy uploads with potential

Mostly its just tar permissions nonsense that linux folks complain to win32 folks -- PAUSE was updated to deal with that (withoutworldwritables)

There was one real phone-home thing, and the author took to the criticism, and stopped doing that

Lots of net/web modules use real-live urls for testing, or try to start servers on local-network instead of explicitly localhost -- I keep fighting this one, but nothing nefarious

There is one thing still on CPAN which could be used for perl rootkits ( i don't want to publicize it) but its NA (45) UNKNOWN (155)

Replies are listed 'Best First'.
Re^3: Malware on CPAN
by moritz (Cardinal) on Jun 20, 2012 at 07:36 UTC

      Well, I already raised the issue once in opinions on, feel free to take it up :)

        As long as you stick to unsubstantiated claims and vague links leading nowhere, I call you a troll spreading FUD.

        Are you referring to opinions on Win32::Process::Hide, and think it's bad because hiding processes is what some malware does?

        If yes, I must say that it's a tool, and there may well be legitimate use cases. Just like port scanners, which are sometimes slammed as "hacker tools", but really useful in practice. At the very least the module is not malicious in the sense that it does harm to your system without indicating so in the documentation.

        Feel free to actually link to the post you want people to look at.

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://977232]
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others rifling through the Monastery: (3)
As of 2018-05-21 23:43 GMT
Find Nodes?
    Voting Booth?