develooper Front page | perl.perl5.porters | Postings from October 2003

Re: How to tell if Perl has -DDEBUGGING?

Thread Previous | Thread Next
From:
Steve Hay
Date:
October 24, 2003 09:18
Subject:
Re: How to tell if Perl has -DDEBUGGING?
Message ID:
3F994FFF.2060506@uk.radan.com
Casey West wrote:

>It was Friday, October 24, 2003 when Steve Hay took the soap box, saying:
>: Rafael Garcia-Suarez wrote:
>: 
>: >Casey West wrote:
>: > 
>: >
>: >>It was Friday, October 24, 2003 when Steve Hay took the soap box, saying:
>: >>: Is there any way for a Perl module to tell that it is being run by a 
>: >>: Perl that was built with -DDEBUGGING enabled?
>: >>
>: >>Here's my shot.
>: >>
>: >>$ /usr/local/perl/perl/bin/perl5.9.0 -MData::Dumper \
>: >>   -MConfig -le'print Dumper \%Config' | grep -i debug
>: >>         'config_arg2' => '-DDEBUGGING',
>: >>         'config_args' => '-Dusedevel -DDEBUGGING -des 
>: >>         -Dprefix=/usr/local/perl/perl',
>: >>
>: >>   
>: >>
>: >
>: >You don't have it in $Config{ccflags} ? how weird.
>: > 
>: >
>: On my Windows machine I get this:
>: 
>: C:\Radview\Radan\Filter>C:\perl5d\bin\perl -MData::Dumper -MConfig -le 
>: "print Dumper \%Config" | \cygwin\bin\grep -i debug
>:          'ccflags' => '-nologo -Gf -W3 -Od -MD -Zi -DDEBUGGING -DWIN32 
>: -D_CONSOLE -DNO_STRICT -DHAVE_DES_FCRYPT  -DPERL_DEBUGGING_MSTATS 
>: -DUSE_PERLIO -DPERL_MSVCRT_READFIX',
>:          'lddlflags' => '-dll -nologo -nodefaultlib -debug  
>: -libpath:"C:\\perl5d\\lib\\CORE"  -machine:x86',
>:          'ldflags' => '-nologo -nodefaultlib -debug  
>: -libpath:"C:\\perl5d\\lib\\CORE"  -machine:x86',
>:          'optimize' => '-Od -MD -Zi -DDEBUGGING',
>: 
>: which is all well and good, but some devious miscreant could easily edit 
>: their Config.pm file to lie about whether the Perl has DEBUGGING or not.
>
>If I may ask, what are you trying to do that
>
>  a) You think someone would edit Config.pm,
>  b) if they did, they'd be a devious miscreant?
>
>I'm all too curious.
>  
>
I was looking at the Filter::decrypt module as a means of encrypting 
source code.  (And I don't want a flame war about the ethics or merits 
or doing that.)

The documentation suggests statically linking the Filter::decrypt 
extension against a non-DEBUGGING Perl.  I don't want to statically link 
it, but I don't want people (devious miscreants or otherwise) to take 
the dynamically linked module and slap it into their DEBUGGING Perl and 
start hacking either.

It occurred to me that if the module knew for sure whether or not the 
Perl in question was a DEBUGGING Perl then the dynamically linked plan 
is a little safer.

- Steve


Thread Previous | Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About