Security by perl-deprivation on Freenode's #perl. - Fortune

Security by perl-deprivation on Freenode's #perl.

→FilipeMendes has joined #perl
FilipeMendes any way to avoid having users running perl? I need specify who can or who can not
dondelelcaro FilipeMendes: uh… why?
FilipeMendes security purposes
mauke haha
mauke chmod 0 /usr/bin/perl
dondelelcaro question repeated, with more emphasis and incredulity
FilipeMendes i want specify some users
Caelum FilipeMendes: why would you not want users running perl?
FilipeMendes chmod wouldnt be useful
dkr FilipeMendes: chmod 750 /usr/bin/perl; chgrp leet /usr/bin/perl; and put the leet people in that group ?
FilipeMendes hmmm
dondelelcaro you realize that any user who wants can just stick their own perl executable there?
go|dfish FilipeMendes: ACL , maybe.
dkr also your system scripts might rely on it
dondelelcaro (and probably all of the users actually end up using perl?)
dkr modify the perl code to have it exit based on checking a uid whitelist. :)
dkr change the name to something obscure only the cool people know
mauke _perl
dkr realize that removing tools does not remove abilities and give up
mauke the _ means it's private!
dkr mauke: :D
Channel #perl
Network Freenode
Tagline Security by perl-deprivation