develooper Front page | perl.perl5.porters | Postings from July 2008

Re: Alarums and Excursions (was [perl #2783] Security ofARGV?using2-argument open)

Thread Previous
Moritz Lenz
July 29, 2008 04:12
Re: Alarums and Excursions (was [perl #2783] Security ofARGV?using2-argument open)
Message ID:
Abigail wrote:
> If security is an issue, I think the safest way is to tell people *NOW*.
> Patch the documentation if you think it's not clear enough. Write articles
> on Perlmonks. Send errata to book publishers. Speak at a conference.
> Surely that would beat waiting for everyone to upgrade to 5.12.

I think they don't conflict: patch the docs for 5.8.9 and 5.10.1, and
the code for 5.12.

The problem with informing the people out there is that you don't reach
the bulk of perl programmers. Most aren't involved in the community at
all, don't read perlmonks, don't read, don't attend
conferences. That's easy to forget for somebody who is active in the
community and meets all those people who are active as well.

Hell, if they know about basic use of <> already they won't read the
documentation again, even when they upgrade to the next perl version.

(I programmed in perl for about 3 or 4 years before having any contact
to the community. And I didn't know about ARGV's magic. During $work I
made contact with a few other perl programmers in similar circumstances).


Thread Previous Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at | Group listing | About