Web lists-archives.com

Re: Potentially insecure Perl scripts




Mark Fowler writes ("Re: Potentially insecure Perl scripts"):
> Wouldn't a less drastic approach be to change the vulnerable scripts to use
> <<>> instead of <>?

That is surely a much more drastic change.  It would invoke changing
probably literally millions of scripts.

Even if we care only about scripts which are part of Debian, rather
than scripts which people merely expect to run on Debian (and where
they trust Debian to not blow their leg off), there will probably be
many thousands.

Ian.

-- 
Ian Jackson <ijackson@xxxxxxxxxxxxxxxxxxxxxx>   These opinions are my own.

If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.