Beefy Boxes and Bandwidth Generously Provided by pair Networks
The stupid question is the question not asked
 
PerlMonks  

Re^2: Malware on CPAN

by Anonymous Monk
on Jun 20, 2012 at 06:15 UTC ( #977232=note: print w/ replies, xml ) Need Help??


in reply to Re: Malware on CPAN
in thread Malware on CPAN

I know of 3 in the last 12 years which were quasi-fishy uploads with potential

Mostly its just tar permissions nonsense that linux folks complain to win32 folks -- PAUSE was updated to deal with that (withoutworldwritables)

There was one real phone-home thing, and the author took to the criticism, and stopped doing that

Lots of net/web modules use real-live urls for testing, or try to start servers on local-network instead of explicitly localhost -- I keep fighting this one, but nothing nefarious

There is one thing still on CPAN which could be used for perl rootkits ( i don't want to publicize it) but its NA (45) UNKNOWN (155)


Comment on Re^2: Malware on CPAN
Re^3: Malware on CPAN
by moritz (Cardinal) on Jun 20, 2012 at 07:36 UTC

      Well, I already raised the issue once in opinions on, feel free to take it up :)

        Feel free to actually link to the post you want people to look at.

        As long as you stick to unsubstantiated claims and vague links leading nowhere, I call you a troll spreading FUD.

        Are you referring to opinions on Win32::Process::Hide, and think it's bad because hiding processes is what some malware does?

        If yes, I must say that it's a tool, and there may well be legitimate use cases. Just like port scanners, which are sometimes slammed as "hacker tools", but really useful in practice. At the very least the module is not malicious in the sense that it does harm to your system without indicating so in the documentation.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://977232]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others avoiding work at the Monastery: (7)
As of 2014-12-18 06:27 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    Is guessing a good strategy for surviving in the IT business?





    Results (43 votes), past polls