[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Potentially insecure Perl scripts

Mark Fowler writes ("Re: Potentially insecure Perl scripts"):
> Wouldn't a less drastic approach be to change the vulnerable scripts to use
> <<>> instead of <>?

That is surely a much more drastic change.  It would invoke changing
probably literally millions of scripts.

Even if we care only about scripts which are part of Debian, rather
than scripts which people merely expect to run on Debian (and where
they trust Debian to not blow their leg off), there will probably be
many thousands.


Ian Jackson <ijackson@chiark.greenend.org.uk>   These opinions are my own.

If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.

Reply to: