Beefy Boxes and Bandwidth Generously Provided by pair Networks
We don't bite newbies here... much

Re: Malware on CPAN

by thomas895 (Chaplain)
on Jun 20, 2012 at 21:50 UTC ( #977482=note: print w/ replies, xml ) Need Help??

in reply to Malware on CPAN

It's called reading the code. Of course, everything can be abused in one way or another, but the trick is to avoid sketchy modules and suspicious authours.
If you are truly paranoid, use a VM image and install it on that to see if it does anything malicious.

Also, while the binary packages for your system can be useful, it's sometimes best to avoid them. On openSUSE, if you become part of the build service, you can upload what you have compiled from the CPAN(for example), with your own malicious tweaks. Of course, that is one way to get nasty emails and negative "internetz". ;-)
As a security precaution, I only use the official repos, which contain tested and verified software. Of course, nothing is guaranteed, and it's always possible something slipped through. Generally, however, I do not use the home:* repos.

confess( "I offer no guarantees on my code." );
Comment on Re: Malware on CPAN
Download Code

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://977482]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others making s'mores by the fire in the courtyard of the Monastery: (6)
As of 2016-05-30 07:35 GMT
Find Nodes?
    Voting Booth?