This is a good point, and it's something that has always worried me at the
back of my mind, for the whole point of this section is
to convince people to download code whose meaning is purposely rendered
opaque... and then get them to run it!
There are a number of actions, depending on your level of paranoia, that
you can take:
- Try and understand how the code works before blindly running it. Use
perl -MO=Deparse to reformat the script to something reasonable. Or use
Perltidy. Note that some scripts gleefully include syntax constructs designed to make Deparse melt down on purpose. And code embedded in variables is impervious to this approach.
- Only run code from monks you know, or monks that other monks can vouch for.
This means: don't run obfus from someone whose account is less than a month old.
Wait until they "prove their worth" with posts in other parts of the monastery.
Check their homenode. Find out if they have any other monks who are friends or colleagues.
Downside: note that you still can't really be sure where the code came from. The 59 /e obfu was posted by BooK, but that only means it came from a computer that was successfully authenticated against the perlmonks BooK account. That does not necessarily mean Philippe Bruhat, a person I will
personally vouch for, actually posted the code.
- Run the code step by step in the debugger. This is a particularly effective method for understanding how the code does its thing. Downside: some scripts
gleefully include code to bust the debugger.
- Run the code as nobody, or similar unprivileged account.
- Run the code in a chroot'ed jail.
- Run the code in a Safe compartment.
If you are unsure, wait. Wait until you see replies posted to the node. If in
doubt, ask a question in the Chatterbox. If a trojan is ever posted, and one day, one will be, it will be spotted quickly and the appropriate steps will be
taken.
Semantic quibble: it's not a problem of viruses per se but rather one of trojans.
--
g r i n d e r
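The "Safe compartment" option from the list above, as an added example that is not part of the original post: each snippet is evaluated with Safe's default opcode mask, so plain string manipulation runs while process, file and backtick operations are refused at compile time. The snippets in @samples are constructed stand-ins for untrusted code.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Safe;

# Constructed samples standing in for code of unknown intent.
my @samples = (
    # Harmless: shifts each character down by one and joins the result.
    q{ join '', map { chr(ord($_) - 1) } split //, 'Kvtu!bopuifs!Qfsm!ibdlfs' },
    # Each of these needs an opcode outside the default set.
    q{ system('id') },
    q{ open(my $fh, '<', '/etc/passwd') or die; <$fh> },
    q{ `id` },
);

for my $code (@samples) {
    # A fresh compartment per snippet: its own namespace and the
    # default opcode mask (no subprocess, file or socket ops).
    my $cpt = Safe->new;

    # reval compiles and runs the string inside the compartment.
    # A masked opcode makes compilation fail, so none of it executes.
    my $result = $cpt->reval($code);

    if ($@) {
        chomp(my $err = $@);
        print "BLOCKED: $err\n";
    }
    else {
        print "OK: ", (defined $result ? $result : 'undef'), "\n";
    }
}
```

Safe restricts which opcodes may be compiled; it does not limit CPU time or memory, so it combines well with the unprivileged-account and chroot options rather than replacing them.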