I would agree that there is danger during the install
and after the install. I don't agree that
there is not an increased danger during the install if you
are installing modules as root or modifying the
version of perl that root uses.
My primary concern is about attacks that are easy to
automate, difficult to detect, and provide root access.
So I don't install modules for root to use unless they
have been reviewed.
It is more difficult to exploit the capabilities
of other users. Network usage, as sporty points
out, is an example. This is relatively easy to
detect, though.
The only data that I can think of that would be
accessible to non-root, consistent between machines,
and valuable would be found in ms systems. I don't have
very high expectations for security in the ms environment,
though.
It should work perfectly the first time! - toma
Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
Read Where should I post X? if you're not absolutely sure you're posting in the right place.
Please read these before you post! —
Posts may use any of the Perl Monks Approved HTML tags:
- a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
| |
For: |
|
Use: |
| & | | & |
| < | | < |
| > | | > |
| [ | | [ |
| ] | | ] |
Link using PerlMonks shortcuts! What shortcuts can I use for linking?
See Writeup Formatting Tips and other pages linked from there for more info.