On 2019-01-24 15:18:40 +0000, Ian Jackson wrote: > Ian Jackson writes ("Re: Potentially insecure Perl scripts"): > > The right answer is to fix the behaviour to be secure and sane by > > default. We can arrange for an environment variable for people who > > want to turn the crazy back on. > > To the Debian Perl maintainers: if I make a patch to make > -p -n <> > use the 3-argument form of open (or equivalent), will you apply it ?
I fear that this is not that simple: I suppose that this will break scripts that modify @ARGV to make <> secure. :( Now, perhaps the number of such scripts is close to 0. I don't know. -- Vincent Lefèvre <vinc...@vinc17.net> - Web: <https://www.vinc17.net/> 100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/> Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)