in reply to Re: why suidperl is symlink to perl?
in thread why suidperl is symlink to perl?

Interesting; that advisory points out that 5.6.0 and later versions are not vulnerable.

Replies are listed 'Best First'.
Re^3: why suidperl is symlink to perl?
by gellyfish (Monsignor) on Jan 19, 2005 at 17:34 UTC

    Yeah, I couldn't be bothered to search for it earlier but to get the full flavour see the Original thread on p5p

    /J\

[reply]
      Interesting reading, thanks for the link. My HO is that there wasn't an *overwhelming* reason to do one or the other (keep it or junk it); but seeing as this is security and there was nobody actually taking up the care and feeding of the feauture, it's probably OK that the decision fell to the drop end of the scales.

      (Someone did volunteer to run an audit but I could't find any results; someone was using the feature but people offered what seems to've been a fair workaround; this was an opportunity to remove cruft.)

[reply]
Re^3: why suidperl is symlink to perl?
by ysth (Canon) on Jan 20, 2005 at 09:13 UTC
    And IIRC that's one of the very few non make-it-work-with-newer-compilers-and-libraries changes that went into 5.005_04.
[reply]

In Section Seekers of Perl Wisdom