tdhz77 2 days ago
It’s hard to believe that 10k is worth whatever they need from Perl in 2025. I wrote Perl for many years while I worked on the godforsaken cmecf system. Cmecf this year announced it had been hacked by Russian hackers. This means that cmecf written in Perl allowed a country access to Federal Court evidence including intelligence gathering methods, corporate secrets, and inside sources. Perl is not memory safe, loaded with security issues for over a decade. Its only saving grace is string manipulation, which is exactly why the best hackers in the world all know it.
joz1-k 2 days ago
> Perl is not memory safe

Perl is memory safe.

> loaded with security issues for over a decade.

According to CVE reports, it doesn't appear that Perl [0] is less secure than Python [1]:
Aldipower 2 days ago
Perl is not memory safe? Are there pointers directly to memory like in C? No, it is an interpreted language that runs opcode in the Perl virtual machine. Sure, there are quite some safety concerns with Perl, but they can be mitigated. For example, there is the taint mode with "-T" that prevents direct execution of system commands. Would I use Perl for a new project? No. :-) I would be interested in more details about the cmecf hack!?
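
An added example, not part of the thread, showing the `-T` taint mode mentioned in the comment above: Perl marks data that comes from outside the program as tainted, dies if it reaches `system`, and only a regex capture clears the mark. The file name `taint_demo.pl`, the helper names, the sample inputs and the `/bin/echo` path are assumptions made for the illustration.

```perl
#!/usr/bin/perl -T
# Added example (hypothetical taint_demo.pl), not code from the thread.
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Taint mode will not run commands with an inherited environment,
# so pin PATH and drop shell-affecting variables first (see perlsec).
$ENV{PATH} = '/usr/bin:/bin';
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

# Constructed input. A literal is never tainted, so append a zero-length
# slice of "$0$^X" (external data under -T) to stand in for request data.
my $taint  = substr("$0$^X", 0, 0);
my @inputs = map { $_ . $taint } ('report-2025.txt', 'x.txt; id');

# Launder by allow-list: only a regex capture yields untainted data.
sub launder_filename {
    my ($raw) = @_;
    return $raw =~ /\A([A-Za-z0-9_.-]{1,64})\z/ ? $1 : undef;
}

# Try to hand the argument to an external command (assumed /bin/echo).
# Under -T, system() dies before running anything if an argument is tainted.
sub try_echo {
    my ($arg) = @_;
    my $status = eval { system('/bin/echo', 'processing', $arg) };
    return "ran (status $status)" if defined $status;
    (my $err = $@) =~ s/ at .*//s;    # drop file/line suffix
    return "blocked: $err";
}

for my $raw (@inputs) {
    printf "raw   %-18s tainted=%d -> %s\n",
        "'$raw'", tainted($raw) ? 1 : 0, try_echo($raw);

    my $clean = launder_filename($raw);
    if (defined $clean) {
        printf "clean %-18s tainted=%d -> %s\n",
            "'$clean'", tainted($clean) ? 1 : 0, try_echo($clean);
    } else {
        print "rejected by allow-list: '$raw'\n";
    }
}
```

Run it as `perl -T taint_demo.pl`, since a `-T` on the `#!` line must also be given on the command line when the script is started through `perl`.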
kstrauser 2 days ago
Was the bug in Perl or its libraries, or in the code written in Perl? There are many valid criticisms of Perl, but I've never heard of the language itself described as insecure, and especially not memory-unsafe. I don't know how I'd write a use-after-free or stack smash in Perl if I were forced to.