The Perl Jam 2: The Camel Strikes Back (32c3) https://www.youtube.com/watch?v=eH_u3C2WwQ0
Link to discussion of last year's talk: 1111750
I cringed at the first talk, but it seems like this talk is more productive. Summary:
- Hashes and arrays are considered "secure" (???)
- SQL injections happen when you don't sanitize input (not exactly groundbreaking)
- Results from various CGI-like modules are not standardized
- Real bug in example CGI.pm code
- <> does strange things when given something other than a file (strange to anyone who hasn't memorized the camel book)
- open() creates a file descriptor unless it's used with | in which case it executes
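
The last two points of the summary, as an added example that is not code from the talk or from the post above: two-argument `open` (which `<>` uses for each `@ARGV` entry) beside three-argument `open` and `<<>>`. It assumes a Unix-like system with an `echo` command and Perl 5.22 or later; the sub names and the sample string are made up for illustration.

```perl
#!/usr/bin/perl
use v5.22;          # <<>> needs Perl 5.22 or later
use warnings;

# Constructed input: a "filename" ending in a pipe, standing in for a
# value taken from a request parameter or from @ARGV.
my $name = 'echo MARKER-from-command |';

# Weak form: two-argument open parses the mode out of the string itself,
# so a trailing "|" means "run this command and read its output".
sub read_two_arg {
    my ($spec) = @_;
    open(my $fh, $spec) or return "open failed: $!";
    my @lines = <$fh>;
    close $fh;
    chomp @lines;
    return "@lines";
}

# Hardened form: three-argument open with an explicit mode treats the
# string as a literal path and nothing else.
sub read_three_arg {
    my ($path) = @_;
    open(my $fh, '<', $path) or return "open failed: $!";
    my @lines = <$fh>;
    close $fh;
    chomp @lines;
    return "@lines";
}

# <> opens each @ARGV entry with two-argument semantics.
sub read_diamond {
    local @ARGV = @_;
    my @lines = <>;
    chomp @lines;
    return "@lines";
}

# <<>> opens each @ARGV entry with three-argument semantics.
sub read_double_diamond {
    local @ARGV = @_;
    my @lines = <<>>;
    chomp @lines;
    return "@lines";
}

say "open(FH, \$name):      ", read_two_arg($name);
say "open(FH, '<', \$name): ", read_three_arg($name);
say "<>   over \@ARGV:      ", read_diamond($name);
say "<<>> over \@ARGV:      ", read_double_diamond($name);
```

The two-argument forms return the command's output; the three-argument forms look for a file with that literal name and fail to open it.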