> On 30 May 2017, at 16:43, John Dunlap <j...@lariat.co> wrote:
>
> How is it a security hole?
….
> > my $ret = eval { $m->...() };Just imagine $m->…() returning something containing a valid perl expression such as " `rm -rf /‘; “, system(“rm -rf /“); or something that wires up a shell to a TCP socket. Dw.
