in reply to Building Perl and CPAN Modules Securely from Source
How the command works is "easy":
curl ...This retrieves the URL https://cpanmin.us, which sends back the fatpacked cpanm source code.
perl -
Perl can read a Perl program from STDIN and will then execute it. Here, Perl reads the cpanm source and uses that to install App::cpanminus.
If you want security, using the curl download potentially opens up a hole as somebody could inject arbitrary Perl code in that download. As cpanm still relies on the API hosted for it, this is not a huge risk but maybe somebody can hack the download without disabling the API.
As you have an already working cpan client, using cpan install App::cpanminus seems more secure.
|
|---|