I think they consider Perl core to be well enough tested and reviewed by its widespread usage. The security team follow CVE closely and if any significant new vulnerability is found patching it is highest priority work (For all software we use). Other random modules from CPAN are an unknown and would need to be reviewed in depth. I realise I am more likely to introduce a novel bug re-creating wheels, but it has the advantage of not being deployed outside this organisation, so less likely to be found and exploited. Another site I have worked even removed most of the core modules. If you wanted one you needed a good reason and a review before it could be used. This sort of approach is common in banks (at least in Europe) with regular audits and a high chance you get your marching orders if you use any non-approved software. Any novel software does get a lengthy review including penetration testing, design reviews etc... Its possible but for something small like this quicker to write a new solution in house.
Cheers, R.
Pereant, qui ante nos nostra dixerunt!
-
Are you posting in the right place? Check out Where do I post X? to know for sure.
-
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big>
<blockquote> <br /> <dd>
<dl> <dt> <em> <font>
<h1> <h2> <h3> <h4>
<h5> <h6> <hr /> <i>
<li> <nbsp> <ol> <p>
<small> <strike> <strong>
<sub> <sup> <table>
<td> <th> <tr> <tt>
<u> <ul>
-
Snippets of code should be wrapped in
<code> tags not
<pre> tags. In fact, <pre>
tags should generally be avoided. If they must
be used, extreme care should be
taken to ensure that their contents do not
have long lines (<70 chars), in order to prevent
horizontal scrolling (and possible janitor
intervention).
-
Want more info? How to link
or How to display code and escape characters
are good places to start.
|