in reply to Re: copyfail challenge: making Perl version smaller
in thread copyfail challenge: making Perl version smaller

> but I guess the PR value of having a "really low number of bytes" in the headline is high.

I'm not sure about that PR value.

The most likely way for outside attackers is to hide the exploit inside some "harmless" script/module.

The message now is that all Python code is potentially dangerous, do we want to push to be in the same spotlight?

Cheers Rolf
(addicted to the Perl Programming Language :)
see Wikisyntax for the Monastery

Re^3: copyfail challenge: making Perl version smaller
by marto (Cardinal) on Apr 30, 2026 at 12:18 UTC

    "The message now is that all Python code is potentially dangerous, do we want to push to be in the same spotlight?"

    I don't think that's the message at all. Don't blindly trust any code you don't understand or aren't, as far as is reasonably practicable, satisfied with the chain of trust? Don't curl things and pipe it to stuff without knowing what it's going to do first?

      So we can trust open source modules?

      There was a recent blog-/reddit-post about hundreds of pull requests produced by AI and accepted within a week.

      Some commentators pointed out that some of the original tickets were nonsensical and introduced bugs.

      Edit: For the record

      I'm not proclaiming security by obscurity. I'm doubting the PR value.

      Cheers Rolf
      (addicted to the Perl Programming Language :)
      see Wikisyntax for the Monastery