Re: Perl essential ?
>>>>> "MH" == Marc Haber <firstname.lastname@example.org> writes:
MH> On Fri, 02 Mar 2001 12:31:34 +1100, Glenn McGrath
MH> <email@example.com> wrote:
>> Would it be a good long term goal to remove perl from
>> Esssential and rewrite these scripts for a posix compliant
>> shell or in c.
MH> I would really second this. perl is too powerful to be on a
MH> security relevant system.
IMHO perl scripts can be much more secure that C code and shell code:
1) there is no buffer overflows
2) perl has taint mode (by the way why debian scripts doesnt use it?)
3) shell scripting ofthen very unsecure IMHO because of various shell
expansion feauteres. I admin that I can be wrong here because I'm
not expert in shell scripting (I just prefer Perl for anything more
complex than three lines script :) )
AGAVA Software Company, http://www.agava.com