Re: Secure deployment of binary perl modules

Replies are listed 'Best First'.
Re^2: Secure deployment of binary perl modules by Moron (Curate) on Mar 19, 2007 at 13:48 UTC
I understood the OP to be implying that whoever is enforcing the security policy thinks the perl binary is a compiler or is categorising it as such for security purposes. -M Free your mind	[reply]
Re^3: Secure deployment of binary perl modules by Fletch (Bishop) on Mar 19, 2007 at 14:13 UTC
You've probably misunderstood then. It's a somewhat common practice to remove (or not install initially) the C compiler on machines that are exposed to the wild (e.g. on the Internet directly or in a DMZ). In this case you're in the same boat as most Wintendo users in that you don't have a compiler available to install Perl modules with a C component (then again attackers don't have a ready means to compile exploit code on the box either). Granted it's a minor speed bump (especially if you're talking a common platform), but it can be worked around (unfortunately just as easily by both the white and black hats).	[reply]
Re^4: Secure deployment of binary perl modules by Moron (Curate) on Mar 19, 2007 at 15:00 UTC
But if that were the only issue then the OP question would be too easy ;) -M Free your mind	[reply]
Re^3: Secure deployment of binary perl modules by chargrill (Parson) on Mar 19, 2007 at 14:07 UTC
It'd be a little tough to run any perl code then. Or make use of any perl modules. --chargrill `s*lil; $=join'',sort split q; s;.;grr; &&s+(.(.)).+$2$1+; $; = qq-$_-;s,.,ahc,;$,.=chop for split q,,,reverse;print for($,,$;,$,$/)` [download]	[reply] [d/l]
Re^3: Secure deployment of binary perl modules by dragonchild (Archbishop) on Mar 19, 2007 at 14:10 UTC
Hmmm ... maybe we should publicise this. Perl is finally a compiled language! :-) My criteria for good software: Does it work? Can someone else come in, make a change, and be reasonably certain no bugs were introduced?	[reply]