Re: Potentially insecure Perl scripts

To: debian-devel@lists.debian.org
Subject: Re: Potentially insecure Perl scripts
From: Alex Mestiashvili <amestia@rsh2.donotuse.de>
Date: Wed, 23 Jan 2019 17:23:10 +0100
Message-id: <[🔎] 9bc33706-d910-829c-3486-b8968454ad10@rsh2.donotuse.de>
In-reply-to: <[🔎] 20190123154407.GA15242@cventin.lip.ens-lyon.fr>
References: <[🔎] 20190123130554.GA23813@cventin.lip.ens-lyon.fr> <[🔎] 23624.35056.535579.997708@chiark.greenend.org.uk> <[🔎] 20190123154407.GA15242@cventin.lip.ens-lyon.fr>

On 1/23/19 4:44 PM, Vincent Lefevre wrote:
> On 2019-01-23 15:32:00 +0000, Ian Jackson wrote:
>> This is completely mad and IMO the bug is in perl, not in all of the
>> millions of perl scripts that used <> thinking it was a sensible thing
>> to write.
> 
> I agree that it would be better to drop this "feature" of Perl.
> It is probably never used, and probably useless (I would rather
> use the features from the shell if I need a pipe).

Perl's open is well documented. Quoting the perlipc:

"it's much more efficient to process the file one line or record at a
time because then you don't have to read the whole thing into memory at
once."

Please stop making python out of perl :)

Reply to:

Follow-Ups:
- Re: Potentially insecure Perl scripts
  - From: Colin Watson <cjwatson@debian.org>
- Re: Potentially insecure Perl scripts
  - From: Vincent Lefevre <vincent@vinc17.net>

References:
- Potentially insecure Perl scripts
  - From: Vincent Lefevre <vincent@vinc17.net>
- Re: Potentially insecure Perl scripts
  - From: Ian Jackson <ijackson@chiark.greenend.org.uk>
- Re: Potentially insecure Perl scripts
  - From: Vincent Lefevre <vincent@vinc17.net>

Prev by Date: Re: Potentially insecure Perl scripts
Next by Date: Re: Potentially insecure Perl scripts
Previous by thread: Re: Potentially insecure Perl scripts
Next by thread: Re: Potentially insecure Perl scripts
Index(es):
- Date
- Thread