Beefy Boxes and Bandwidth Generously Provided by pair Networks
laziness, impatience, and hubris
 
PerlMonks  

Re^3: JSON::XS and unicode

by fluffyvoidwarrior (Monk)
on Sep 10, 2012 at 11:24 UTC ( #992726=note: print w/ replies, xml ) Need Help??


in reply to Re^2: JSON::XS and unicode
in thread JSON::XS and unicode

Indeed, yes. No-one in their right mind would actively and intentionally execute passed code. Maybe I'm paranoid, but I won't have executable code coming in from the network under any circumstances. Before I'll accept it, it must be not capable of being executed. Accepting executable code and then trusting that it will never be called... erm... Just seems to me that if you were going to attack a system you would look very closely at JSON and related parsing mechanisms because code is, by definition, already accepted. You're already half way there. In fact you have been supplied with a ready built framework for injecting your malice. After all, if it isn't runnable code it isn't JSON and PHP plus JSON seems like a perfect storm. It's just not likely to be failsafe. At least Perl can be made failsafe.


Comment on Re^3: JSON::XS and unicode

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://992726]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others surveying the Monastery: (10)
As of 2014-07-24 07:58 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    My favorite superfluous repetitious redundant duplicative phrase is:









    Results (158 votes), past polls