go ahead... be a heretic | |
PerlMonks |
comment on |
( [id://3333]=superdoc: print w/replies, xml ) | Need Help?? |
'Perl has bindings into OS calls that bypass OS security'.The only way I can read that is as "our OS is insecure". Quite. For instance, I wrote BSD::Sysctl, a module to allow you to manipulate FreeBSD sysctl kernel variables. If you're an ordinary user, you can only read the values. If you try to set a value... nothing happens (apart from an error condition returned by the kernel system call). You have to have superuser privileges in order to change a variable. So if you're already root, everything becomes insecure!. I'm sure if someone figured out how to set sysctl variables as an ordinary user in Perl, that the technique used would be completely language-independent (that is, the result of an exposed flaw in the OS). • another intruder with the mooring in the heart of the Perl In reply to Re^2: How to answer "Perl is not secure" objections?
by grinder
|
|