Beefy Boxes and Bandwidth Generously Provided by pair Networks
Problems? Is your data what you think it is?
 
PerlMonks  

Re^4: The Importance of Being Earnest

by radiantmatrix (Parson)
on Sep 22, 2006 at 16:22 UTC ( [id://574401]=note: print w/replies, xml ) Need Help??


in reply to Re^3: The Importance of Being Earnest
in thread The Importance of Being Earnest

If someone has altered and replaced perl itself, then all programs, as you say, have a "huge security hole".

Dude, that was kind of his point. Any application which has dependencies has, as a potential security risk, malicious or accidental alteration of those dependencies. Fortunately, since you weren't using the MD5 for anything (except to display it), your particular implementation doesn't represent a significant risk; the point is, you can't ever say "it has no security holes".

On a side note, one of my clients uses a digest (Digest::SHA-256, in this case) for file integrity checking. As an extra layer of security, files with known digests are fed to the production tool, and its output is checked against a separate implementation of the algorithm (on an off-network machine): if ever they fail to match, the box will be marked compromised and rebuilt.

<radiant.matrix>
A collection of thoughts and links from the minds of geeks
The Code that can be seen is not the true Code
I haven't found a problem yet that can't be solved by a well-placed trebuchet

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://574401]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others romping around the Monastery: (7)
As of 2024-11-04 08:36 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    chatterbot is...






    Results (20 votes). Check out past polls.