Front page | perl.perl5.porters |
Postings from July 2011
On 07/20/2011 07:40 AM, David Golden wrote: > On Wed, Jul 20, 2011 at 8:20 AM, Abigail<abigail@abigail.be> wrote: >> And we help (beginners or otherwise) even less by pretending B doesn't >> exists, or (worse) that it's something evil. > > Absolutely, but in a tutorial, it should be fine to show B briefly (so > they know it exists) and point them to other reference documentation > for more information if they need it. > >> Don't forget we all dealt well with 2-arg open for a decade and a half >> without our servers being hijacked by every script that opened a file. > > Touché. > > -- David > I don't agree with what I think I hear here. That decade and a half was before people were concerned with security. Unix didn't have /etc/shadow for the first ~18 years of its existence. I have a no-longer needed wet suit that I'm afraid to sell or give away because it has my U.S. social security number written in it, back before identity theft, and when that was the accepted way to allow police who recovered stolen property to contact the proper owner. I trust that if we were designing the :utf8 layer again, we wouldn't have made the default be lax. My eyes were opened at a class on security I took at $work, maybe 15 years ago. We were proud of our security, and we were a big target for hackers. The instructor had some software that monitored the network. There were many attacks in progress INSIDE our firewall. I believe the 3-argument open should be the one stressed in a tutorial.Thread Previous | Thread Next