http://www.perlmonks.org?node_id=418065

I posted here several months ago regarding a security alert on bugtraq regarding Safe. Recently, I've been made aware of an email exchange in the past week with tbunce regarding Safe in which he says:
Tim Bunce <xxxxx@xxxxx.xxxxx> writes: > Safe was a failed experiment. I don't maintain it. > > Tim. > > On Sun, Dec 19, 2004 at 02:23:07AM +0000, Terrence Brannon wrote: >> Hi Tim, >> >> I am trying to update a CPAN module named Resources: >> >> http://search.cpan.org/dist/Resources >> >> After running make test on it, the module opens an editor and then >> after I exit the editor, the test fails with this error: >> >> (in cleanup) Can't use an undefined value as a symbol refere +nce >> at /usr/lib/perl/5.8/Safe.pm line 99 during global destructi +on. >> >> The reason I am writing you about this is twofold: >> >> 1/ the AUTHOR section indicates you were the last to update Safe >> 2/ the AUTHOR section has an old email address for you which you mi +ght >> want to change: >> >> xxxxx@xxxxx.xxxxx >> >> Cheers, >> Terrence >>

I don't know about you, but that bothers me significantly. However, I haven't seen anything anywhere regarding this. What information do others have regarding the safety of Safe?

Edited by Chady -- obscured email address.

Update: I added the whole email thread as it was given to me.

Being right, does not endow the right to be rude; politeness costs nothing.
Being unknowing, is not the same as being stupid.
Expressing a contrary opinion, whether to the individual or the group, is more often a sign of deeper thought than of cantankerous belligerence.
Do not mistake your goals as the only goals; your opinion as the only opinion; your confidence as correctness. Saying you know better is not the same as explaining you know better.

Replies are listed 'Best First'.
Re: Safe.pm considered unsafe?
by perrin (Chancellor) on Dec 30, 2004 at 02:31 UTC
    I don't know anyone who uses Safe in a production environment, and I would certainly never do it. Unlike taint mode, it just doesn't get enough attention to trust it.
      Unless the PAUSE docs are out of date, it uses it:
      Please make sure all your *.pm files contain a $VERSION variable that conforms to the CPAN rules, i.e. the complete computation of $VERSION must take place on the one first line within the module that assigns to it. You can test if this is the case by running
      perl -MExtUtils::MakeMaker -le 'print MM->parse_version(shift)' 'fil +e'
      on the filenames in question. The CPAN indexer will run this code within a Safe compartement, so maybe even if the above command succeeds, PAUSE may fail if you're doing file IO or other potentially dangerous things within that line.
      Reviving a thread five years old, yeah!

      There have been a lot of people using it in production for a long time. It is a great module as long as you realize it is for protecting users from themselves, i.e. disallowing open() and such. It is not for securing a system.
Re: Safe.pm considered unsafe?
by Joost (Canon) on Dec 30, 2004 at 01:08 UTC