File permission vulnerabilities and Module::Pluggable
Ash Berlin
ash_cpan at firemirror.com
Wed Jan 21 18:45:18 GMT 2009
On 21 Jan 2009, at 12:12, David Cantrell wrote:
> On Wed, Jan 21, 2009 at 12:46:45AM +0000, Johan Lindstr?m wrote:
>> At 23:47 2009-01-20, Simon Wistow wrote:
>>> Thoughts?
>> Make it optional. But feature both the dependency and the config
>> parameter prominently in the docs. Especially in the SYNOPSIS.
>> See it as a Teachable Moment.
>
> Optional, with a warning if the feature's not available. Make it
> possible to disable the warning with an import() parameter.
Or via:
no warnings Module::Pluggable::XXXXX;
http://search.cpan.org/perldoc?warnings::register
>
>
> The warning should point at the line of code where Module::Pluggable
> is
> being loaded, so that the user knows exactly where to turn it off.
>
> For extra evil and getting the word out to any authors who depend on
> your module but don't themselves have the most recent version, die()
> when the warning isn't turned off, and the extra feature isn't
> available, and it's not just your test suite being run, and
> AUTOMATED_TESTING is set in the environment :-)
>
> --
> David Cantrell | Minister for Arbitrary Justice
>
> You can't spell AWESOME without ME!
More information about the london.pm
mailing list