Okay. I have looked at each of those. I guess, I am safe from these, because I don't run third-party code. I try to stay away from that as much as possible. If some program is large and I don't have time to review it, I won't execute it. But as far I am concerned, I don't plan on using a backdoor like putting heredoc at the end of my perl script to try to read someone's memory contents. I try to write useful and safe scripts not use weird tactics to try to break someone's computer or hack into it. I am not a hacker. But see, that's why YOU should upgrade to a more recent version of Perl. I don't have to. As someone who writes and executes his own code, I don't feel like I am in any danger. | [reply] |
| [reply] |
I do host sites which use my perl scripts, yes, but I don't put the value of arguments into system calls or into file open without filtering the incoming characters. Yeah, that would be asking for trouble. I try to stay informed about threats and vulnerabilities that programmers may unintentionally insert into their code. I try to do my part and not write garbage. Lol
| [reply] |
| [reply] |