Schwern just posted "How (not) To Load a Module..." that goes into great depth about the security risk in loading modules. The (not) funny thing is that none of what he's saying is a risk would be one when running in taint mode. Consider "/tmp/foo.pm" with this: Then consider this example of how Module::Load does [...]
-
Recent Posts
- How I manage new perls with perlbrew
- Anyone want vanillaperl.com?
- OODA vs technical debt
- Why the latest File::Temp might surprise you
- The Annotated Lancaster Consensus
- Perl QA hackathon 2013 wrapup
- CPXXXAN is SexPAN
- UNIVERSAL::new for command line MU
- How I've started managing GitHub pulls
- The GitHub pulls scoreboard says I'm losing
- How to mass-favorite modules on MetaCPAN
- No more copy and paste: How to refactor tests with roles
- Stop Pod tests before they stop you!
- How I'm using Dist::Zilla to give credit to contributors
- HTTP::Tiny now with cookies
Recent Comments
- Al: Nice trick with local::lib. I have been initializing new installs as git repositories so that I can do a hard...
- Michiel: Actually, I own vanillaperl.org. I’d like to offer the same.
- Karen Etheridge: FWIW, everywhere you have ‘system’, I replaced with ‘run’, and: sub run { my...
- Karen Etheridge: > You must install cpanm with perlbrew — if you don’t, weird things can happen when...
- Adam M Dutko: I am trying to build interest in Perl locally, globally and at work. I would love the domain to help me...
Shared Items
- Moritz Onken: Bash completion for cpanm and cpanf
- CPAN Testers' CPAN Author FAQ
- Ricardo SIGNES (rjbs): Will your perl remain supported -- and what does that mean?
- Why I Stuck With Perl
- chromatic: What Else a Method Keyword Could Do
- The Puneet of the Dancer Community
- Know your character classes under different semantics
- f00li5h: dzil: a casual walkthrough of Dist::Zilla
- SmartGit - Finally a Window git client that doesn't suck
- Sinan Unur (Sinan): An Economic Perspective on Marketing Perl
My best stuff
- Dependencies don't matter, but stability does
- Five Test::More features you might not be using yet
- How I use RT for CPAN modules
- Is Javascript the new Perl
- Metabase: Opinions from anyone about anything
- Packages, modules and distributions
- The power of not being all things to all people
- Tools for creating CPAN distributions
- Version numbers should be boring
- Why I'm using Dist::Zilla
Other blogs
Planets
Things I follow
Categories
Archives
- May 2013
- April 2013
- March 2013
- February 2013
- January 2013
- December 2012
- November 2012
- October 2012
- April 2012
- February 2012
- January 2012
- October 2011
- September 2011
- August 2011
- July 2011
- June 2011
- May 2011
- April 2011
- March 2011
- February 2011
- January 2011
- December 2010
- November 2010
- October 2010
- September 2010
- August 2010
- July 2010
- June 2010
- May 2010
- April 2010
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
RSS Links
Meta