develooper Front page | perl.perl5.porters | Postings from August 2022

Why is PERL_INTERNAL_RAND_SEED disabled sometimes?

Thread Next
August 6, 2022 09:41
Why is PERL_INTERNAL_RAND_SEED disabled sometimes?
Message ID:
HI Tony,

In d62950713a9 you added support for the PERL_INTERNAL_RAND_SEED
variable. But it is set up to be ignored when "run setuid or setgid".
Can you explain why? The PERL_INTERNAL_RAND_SEED is nearly only used
to populate the hash seed, and the hash seed isnt similarly guarded so
I am confused what the purpose of this is.

I am in the process of adding support for a new env var which would
imply PERL_INTERNAL_RAND_SEED, but I can't see why it should be
forbidden when setuid or setgid.   What is the security concern here?


perl -Mre=debug -e "/just|another|perl|hacker/"

Thread Next Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at | Group listing | About