in reply to The best part of waking up?

While I see that it's part of your sig, the reference to rm -rf's at the bottom of an obfuscation made me think twice before running it.

In general, I find the fact that we're not plagued by malicious Perl code notable; while obfuscation seems to leave the door open for abuse, I've yet to hear of a case of someone posting a damaging snippet or sneaking a vulnerability into an existing module.

Replies are listed 'Best First'.
Re: Re: The best part of waking up?
by one4k4 (Hermit) on Dec 17, 2003 at 13:03 UTC
    I like your reply. I wondered about that, and you're the first to mention. So, it's gone like the plague. I agree with you though, I often wonder how many obfus could contain an entire copy of Win95C.. just waiting to be activated. ;)


    One4k4 - perlmonks@poorheart.com (www.poorheart.com)
[reply]
Re: Re: The best part of waking up?
by hardburn (Abbot) on Dec 17, 2003 at 14:36 UTC

    /me hopes nobody notices (or runs) the shell script in his sig.

    ----
    I wanted to explore how Perl's closures can be manipulated, and ended up creating an object system by accident.
    -- Schemer

    : () { :|:& };:

    Note: All code is untested, unless otherwise stated

[reply]
[d/l]
      Sure my reply is about a year late but I'm amazed that no one posted a comment about : () { :|:& };: because it's a fork bomb in one line of bash. (The colon is a valid function name.)

      Since this thread was just linked to by Funniest Nodes of 2004 I'm going to reply with this warning. Otherwise I would be tempted to hope as few people saw the command as possible.

      I mean I catch the irony in your post saying you hope people don't run a dangerous command and then including such a command yourself. I find that funny but I'd rather not have people run it on machines they shouldn't by accident.

      I did run a fork bomb I wrote in C on my 486 before I formated the drive a while ago. It was running Slackware 4.0 and even the caps-lock lights and control-alt-delete stopped responding.
[reply]
Re: The best part of waking up?
by jonadab (Parson) on Dec 22, 2003 at 21:13 UTC
    the reference to rm -rf's at the bottom of an obfuscation made me think twice before running it

    If an obfuscator wanted to zap you like that, he'd probably obfuscate the rm -rf somehow. You'd have no warning unless you de-obfuscated the code before running it, or read comments by others who either de-obfuscated it or got bitten. There are an infinite number of ways to obfuscate code, as I'm sure you're aware if you follow this section closely.

    My suggestion is to keep an unprivileged account around for running untrusted code. I'm generally not a big advocate of unprivileged accounts; for normal, everyday use I feel that they cause more inconvenience than they're worth[1]. However, for running untrusted code, or code that processes untrusted data from the internet (especially, any kind of server code), an unprivileged account can save you a lot of grief. If you don't trust an obfu (or whatever other code you don't trust) run it as a user with no privileges, no access to your home directory with your data.

    That said, I'll admit that with obfuscations on Perlmonks I often don't bother, especially if there are already positive comments by monks whose names I recognize. I haven't been bitten yet...

    [1] I say this not to persuade anyone that it's true, nor to start an argument about it (I'm tired of that argument, believe me), but to point out that even someone who holds this view, such as myself, still sees the value of an unprivileged account for running untrusted code. Where you draw the line in terms of what software you choose to trust is another matter. 

    $;=sub{$/};@;=map{my($a,$b)=($_,$;);$;=sub{$a.$b->()}}
split//,".rekcah lreP rehtona tsuJ";$\=$ ;->();print$/

    [download]
[reply]
[d/l]
[select]

In Section Obfuscated Code