Security by perl-deprivation on Freenode's #perl. - Fortune [possible satire]

→FilipeMendeshas joined #perl
FilipeMendesany way to avoid having users running perl? I need specify who can or who can not
dondelelcaroFilipeMendes: uh… why?
FilipeMendessecurity purposes
maukehaha
maukechmod 0 /usr/bin/perl
dondelelcaroquestion repeated, with more emphasis and incredulity
FilipeMendesi want specify some users
CaelumFilipeMendes: why would you not want users running perl?
FilipeMendeschmod wouldnt be useful
dkrFilipeMendes: chmod 750 /usr/bin/perl; chgrp leet /usr/bin/perl; and put the leet people in that group ?
FilipeMendeshmmm
dondelelcaroyou realize that any user who wants can just stick their own perl executable there?
go|dfishFilipeMendes: ACL , maybe.
dkralso your system scripts might rely on it
dondelelcaro(and probably all of the users actually end up using perl?)
dkrmodify the perl code to have it exit based on checking a uid whitelist. :)
dkrchange the name to something obscure only the cool people know
mauke_perl
dkrrealize that removing tools does not remove abilities and give up
maukethe _ means it's private!
dkrmauke: :D
Channel#perl
NetworkFreenode
TaglineSecurity by perl-deprivation
Published2008-07-04