Re: Re: Blatant security problem in certain CPAN module installs


Pathologically Eclectic Rubbish Lister
	PerlMonks

Re: Re: Blatant security problem in certain CPAN module installs

by tantarbobus (Hermit)

on May 03, 2004 at 06:51 UTC ( [id://349940]=note: print w/replies, xml )

Need Help??

in reply to Re: Blatant security problem in certain CPAN module installs
in thread Blatant security problem in certain CPAN module installs

I think the point of checking is that you can't know what code was run when the module was installed (it could have installed a backdoor, whatever). And for some people that is an unacceptable risk, and they will want to know whether they installed any of the above modules, so that they make take appropriate action.

The Makefile.PL-fetched code gets called only once at the end of the make (assuming that it is the only place the code is called).

Comment on Re: Re: Blatant security problem in certain CPAN module installs

In Section Meditations

Domain Nodelet^?

www.com | www.net | www.org

Node Status^?

node history
Node Type: note [id://349940]
help

Chatterbox^?

How do I use this? • Last hour • Other CB clients

Other Users^?

Others sharing their wisdom with the Monastery: (6)

As of 2024-04-25 07:18 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Today I Learned

Voting Booth^?

No recent polls found