|Pathologically Eclectic Rubbish Lister|
Greetings and salutations | sudoby zentara (Archbishop)
|on Feb 05, 2020 at 19:39 UTC||Need Help??|
zentara has asked for the wisdom of the Perl Monks concerning the following question:
My Perl brain never dies. I was looking at the perl code used to break a misconfigured sudo installation at https://thehackernews.com/2020/02/sudo-linux-vulnerability.html
The code being
So, in the interest of all good programmers everywhere, what would be the best defense against a buffer overflow, as shown above? How would one most efficiently and effectively take login information so the c libraries below, or Perl itself, are not locked up? If you were taking that sudo input pipe with perl code, how would you stop a code lockup with Perl as an input filter?
I would write the code myself, but remember, laziness is a virtue, :-)
BTW I still see Perl as the best tool for bizarre code magic, and I've yet to really see it fail me when using it, whearas Python mixups between 2.7 and 3.5 ,pip, pip3, WTK******??????? x 50 just is off the wall crazy. Nothing works as good as CPAN. And remember, Perl comes with Perl/Tk and Perl/GTK2 which have much smaller footprints and libraries loaded that the other bloatware graphics coding schemes. :-) All the libraries come standard in most distros, same libs firefox uses.
.... in the immortal words of Winston Churchill, KBO.... I'm still alive in my cave...
I'm not really a human, but I play one on earth. ..... an animated JAPH