>>>>> "Patrick" == Patrick Griffin <[EMAIL PROTECTED]> writes:
Patrick> Hello: Just downloaded my first CPAN module (woo-hoo).
Patrick> What risks are associated with installing these modules?
In theory, many.
Patrick> Are they checked for viruses, etc. before posting?
Nope. If you're using the CPAN installer, they'll be checked against
the checksum list - you can be sure that you're installing the same file
that was uploaded to the server by the developer. However, there's
nothing to stop anyone uploading a script that runs 'rm -rf /' and
getting you to type 'perl -MCPAN -e 'install Helpful::Script'' - it's
trivial to get a CPAN account, and new uploads aren't vetted.
In theory, though, it's likely that such a module would be noticed very
quickly indeed, and removed of anything harmful. Hopefully.
- Chris.
--
$a="printf.net"; Chris Ball | chris@void.$a | www.$a | finger: chris@$a
chris@lexis:~$ perl -le'@a=($^O eq 'darwin')?qw(100453 81289 9159):qw
(23152 19246 2040);while(<>){chomp;push @b,$_ if grep {$.==$_}@a}push
@b,$^X;print ucfirst join(" ",@b[2,0,3,1]).","'</usr/share/dict/words
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
