Just another Perl shrine | |
PerlMonks |
comment on |
( [id://3333]=superdoc: print w/replies, xml ) | Need Help?? |
Yeah, an earlier draft of my response included a description of how I wasn't at all worried about somebody being able to inject code into my Perl script and then deciding that the thing to do with that power is to use some syntax ambiguity. It seems pretty silly to me, especially since the attacker would have to inject the code before my code is compiled. You can't theorize some "stack overflow" attack doing it. But reading the article, I saw that they weren't describing what I would call a "vulnerability". The example was clearly somebody introducing the error by accident. They even described it as "with the best intentions". So I deleted the argument about how I didn't care about the "vulnerability" angle and considered whether I was worried about the "oops" angle. I tend to actually worry about "oops" possibilities. But this one didn't seem very plausible to me, especially not the way I program. - tye In reply to Re^10: The Most Essential Perl Development Tools Today (vulnerability)
by tye
|
|