Re^7: perl pre-execution hook

he can almost certainly also run /usr/bin/perl /tmp/foo.

No, it completely depends on the bug being exploited.

You're approaching this from the point of view that the attacker can run arbitrary commands. If so, why are you ok with just protecting perl?

I'm assuming the OP isn't silly, so that means he's trying to defend against some specific attack.

Comment on Re^7: perl pre-execution hook Download Code

Replies are listed 'Best First'.
Re^8: perl pre-execution hook by Anonyrnous Monk (Hermit) on Jan 04, 2011 at 22:03 UTC
it completely depends on the bug being exploited and as the OP said himself (right above) "executing "perl /tmp/whatever" actually happens alot".	[reply]
Re^9: perl pre-execution hook by ikegami (Patriarch) on Jan 04, 2011 at 22:19 UTC
Yes, noticed.Now it can be ruled out.	[reply]