develooper Front page | perl.perl5.porters | Postings from October 2012

Re: Security Issues in perl-5.16.x

Thread Previous | Thread Next
Aristotle Pagaltzis
October 3, 2012 01:44
Re: Security Issues in perl-5.16.x
Message ID:
* Chip Salzenberg <> [2012-10-03 02:15]:
> The answer is: It's silly to assume that just because many or even all
> current systems have no NULs in their filenames, that therefore none
> ever will.

If the documented behaviour becomes that perl refuses to make syscalls
with arguments that these syscalls cannot accept – which on Unix happens
to be when there are NULs in the middle of a string, but on other
platforms could be in other cases, or on yet others even never, if those
others can cope with all inputs –, would that address your concern? Else
this would seem to be making the many pay the edge cases of very few.

> It's silly to assume that if a string with a NUL in it is passed to
> open() on existing systems, that therefore the programmer should be
> warned or even worse have his system call fail, even though the
> historical behavior of such an open is well established and harmless.
> And it would encourage Chicken Littles like Reini by letting them
> claim, fatuously, that they found a real bug that needed fixing, when
> in fact there was no mundane bug, let alone a security bug; and thus
> no fix was ever required.

Is intentionally baiting Chicken Littles a language design goal for you?

What I care about, what I consider a language design goal, is to do
whatever possible to assist the programmer without impeding them; such
as by alerting the unwary or tired programmer when something they did
not expect is going to happen, whenever this is not going to get in the
way of legitimate uses.

(I have not much care if that means Chicken Littles that could have been
baited are not. They will do what they will do, and it is not my concern.
If I refuse aid to the weary in order to troll Chicken Littles then
I have lost my way.)

So that leaves us with the question of whether doing so would impede any
fruitful uses by the mindful expert. Are there? So far I have seen no
justification for the behaviour other than “it does not cause any harm”.
I am entirely open to having my mind changed; all it would take is an
actual example. Please: convince me!

> If you disagree, then while we're at it, let's warn about spaces
> following tabs in source code.  Those are surely mistakes as well.
> <eyeroll>

Do you want me to take your nose-thumbing seriously? If I do and I apply
the same line of argument as above, no remains of it will be found. Did
you actually think this is at all compatible with my position?

Can we be serious for a moment here?

Aristotle Pagaltzis // <>

Thread Previous | Thread Next Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at | Group listing | About