perl-modperl mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject Re: capture exception
Date Tue, 30 May 2017 14:50:40 GMT
On Tuesday 30 May 2017 10:46:08 Ruben Safir wrote:
> Using eval is an unacceptable security bug for all online and public
> access programs that aquire data from external non-secured sources.

Eval is exception handling. It catch problems which could be security
problem (like DOS attack) to correctly handle errors and recover.

Correct and secure code, like in defensing programming, should handle
*all* possible errors which could come from external modules or external
sources and recover from error state. And tool for this is: eval.

View raw message