Re: Potentially insecure Perl scripts
Ben Hutchings <ben@decadent.org.uk> writes:
> People have said this about ASLR, protected symlinks, and many other
> kinds of security hardening changes. We made them anyway and took the
> temporary pain for a long-term security gain.
Well, Perl has a deprecation mechanism with warnings and so forth,
although I don't think Perl has ever actively broken a feature outside of
"use <version>" with a later version, except for features marked as
experimental. But I suppose it's possible.
Good luck with that -- there was a long discussion about this when <<>>
was introduced, and as one can tell, that viewpoint did not prevail.
Maybe it's used less now and it might be easier to get rid of it?
--
Russ Allbery (rra@debian.org) <http://www.eyrie.org/~eagle/>
Reply to: