'Perl has bindings into OS calls that bypass OS security'.
The only way I can read that is as "our OS is insecure".
Quite. For instance, I wrote BSD::Sysctl, a module to allow you to manipulate FreeBSD sysctl kernel variables. If you're an ordinary user, you can only read the values. If you try to set a value... nothing happens (apart from an error condition returned by the kernel system call).
You have to have superuser privileges in order to change a variable. So if you're already root, everything becomes insecure!.
I'm sure if someone figured out how to set sysctl variables as an ordinary user in Perl, that the technique used would be completely language-independent (that is, the result of an exposed flaw in the OS).
• another intruder with the mooring in the heart of the Perl
|