Quote:
|
Originally Posted by Mongrel
I admit, I have no real clue about Perl, but wouldn't this allow quest writers to access other peoples hard drives? Perl seems powerful enough to me to make that possible.
(If it doesn't, just ignore me :oops:)
I can already see them coming ... "HERE!1! Use htis and HAil UR giuldmastre 2 GET KEWL STUFF!!!11!!" ... "Hail, Monk GM" ... bang, hard disks empty :shock:
|
Yeah, security is always an issue. I imagine that embperl, should it catch on, will become slowly more refined, though. Since perl is a veteran of CGI, it already has powerful security features that could be applied (and currently aren't). If you want to enable Perl, but are highly concerned about security, I'd recommend enabling taint checking or disabling the #plugin interface, chroot'ing the process, and only using quests that you have written/converted yourself. Perl exposes a lot of power... that is precisely why I wanted to embed it.