For that reason too I prefer to use only modules that come with my operating system.
Of course it has very limited number of CPAN modules ( http://www.szabgab.com/distributions/ ) and even those can be out of date to my purposes so in many cases I install them from CPAN. For that one might consider setting up a separate account on the system and setting PERL5LIB=/home/perl/perl5lib/lib in the environment and makepl_arg [PREFIX=/home/perl/perl5lib LIB=/home/perl/perl5lib/lib] mbuildpl_arg [--install_base /home/perl/perl5lib --install_path lib=/home/perl/perl5lib/lib] in CPAN::MyConfig.pm This will reduce the install time issues to that account - annoying but limited. In addition one might consider installing modules only after a reasonable time (M days) they are on CPAN and/or after having N successful test reports on http://cpantesters.perl.org/ These precautions might help reduce the security issues. Of course this still falls short of actually reading the code AND understanding it :-) Anyway this thread just gave me another reason to push my ideal of having more modules distributed by the various OS-es and other Perl distributions. http://search.cpan.org/dist/CPAN-Porters Gabor -- Gabor Szabo http://www.szabgab.com/ Perl Training in Israel http://www.pti.co.il/