Potentially insecure Perl scripts
Ian Jackson
ijackson at chiark.greenend.org.uk
Thu Jan 24 20:42:14 GMT 2019
Mark Fowler writes ("Re: Potentially insecure Perl scripts"):
> Wouldn't a less drastic approach be to change the vulnerable scripts to use
> <<>> instead of <>?
That is surely a much more drastic change. It would invoke changing
probably literally millions of scripts.
Even if we care only about scripts which are part of Debian, rather
than scripts which people merely expect to run on Debian (and where
they trust Debian to not blow their leg off), there will probably be
many thousands.
Ian.
--
Ian Jackson <ijackson at chiark.greenend.org.uk> These opinions are my own.
If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.
More information about the Perl-maintainers
mailing list