Web lists-archives.com

Re: Potentially insecure Perl scripts




Ben Hutchings <ben@xxxxxxxxxxxxxxx> writes:

> People have said this about ASLR, protected symlinks, and many other
> kinds of security hardening changes.  We made them anyway and took the
> temporary pain for a long-term security gain.

Well, Perl has a deprecation mechanism with warnings and so forth,
although I don't think Perl has ever actively broken a feature outside of
"use <version>" with a later version, except for features marked as
experimental.  But I suppose it's possible.

Good luck with that -- there was a long discussion about this when <<>>
was introduced, and as one can tell, that viewpoint did not prevail.
Maybe it's used less now and it might be easier to get rid of it?

-- 
Russ Allbery (rra@xxxxxxxxxx)               <http://www.eyrie.org/~eagle/>