Beefy Boxes and Bandwidth Generously Provided by pair Networks
Clear questions and runnable code
get the best and fastest answer

Re^2: Perl 'executable'

by Xilman (Hermit)
on Oct 22, 2010 at 13:32 UTC ( [id://866810] : note . print w/replies, xml ) Need Help??

in reply to Re: Perl 'executable'
in thread Perl 'executable'

"I would be very suspicious of any binary I was asked to run, unless I compiled it myself."

Really? I guess you must be running Gentoo then, and even then bootstrapped your own compiler from hand-written assembler in order to get the initial gcc working from code you trust.

There are times when you just have to trust a binary whether you like it or not. Reflections on Trusting Trust has a valuable take on the issue.


Replies are listed 'Best First'.
Re^3: Perl 'executable'
by zentara (Archbishop) on Oct 22, 2010 at 13:58 UTC
    I agree, but there are certain tradeoffs in trust. I do keep a watch over the software than comes in precompiled form.

    I make a distinction in trust levels.

    I would be more likely to trust a binary that comes from a prebuilt distribution, like Ubuntu; than from some perl hacker who claims he/she dosn't want me to see what the script does. There is just an obvious difference there in threat level.

    At least the distributions make their source packages available. Will the perl hacker make his uncompiled source script available to me?

    I'm not really a human, but I play one on earth.
    Old Perl Programmer Haiku ................... flash japh