Vulnwatch mailing list archives
Perl Safe.pm compartment reuse vuln
From: Rain Forest Puppy <rfp () vulnwatch org>
Date: Wed, 6 Nov 2002 05:59:18 +0000 (GMT)
A bug was found in Perl's Safe.pm module: http://use.perl.org/articles/02/10/06/1118222.shtml?tid=5 Basically, code in the sandbox can modify the execution/operation mask via @_; if the compartment was ever reused, the second time around it might use the modified execution mask. Perl <= 5.8.0 are vuln. - rfp
Current thread:
- Perl Safe.pm compartment reuse vuln Rain Forest Puppy (Nov 05)