|Perl: the Markov chain saw
use lib './' security safe?by SavannahLion (Pilgrim)
|on Jul 20, 2004 at 02:30 UTC
SavannahLion has asked for the wisdom of the Perl Monks concerning the following question:
While creating a new custom module that needs to be installed alongside its parent script, I realized that I didn't know if declaring:
is actually a wise thing to do.
I checked the Llama and the Mouse but I didn't find any mention of any security risk. So I ask this. Is there a potential security risk to specifying the local directory into @INC that I should be aware of?
I noticed that @INC apparently doesn't specify the local directory by default, so I figure there's probably some compelling reason for it not to.