| CC: | ETHER [...] cpan.org |
| Subject: | Document that Module::Load is vulnerable to path traversal attacks, by design |
Module::Load::load is vulnerable to path traversal attacks, and this is by design (because load() can load both modules and arbitrary files) and can't be fixed.
About path traversal attacks: https://cwe.mitre.org/data/definitions/23.html
Module::Load is in perl core while Module::Runtime, and many programmers are using Module::Load instead of Module::Runtime for this reason, while they do not provide the same level of safety.
So it is important to document this by-design vulnerability in POD and recommend instead Module::Runtime when unsafe values may be given to Module::Load::load.
Related issues about loading modules dynamically:
https://github.com/Perl-Toolchain-Gang/Software-License/pull/35
https://github.com/simonwistow/Module-Pluggable/pull/6
--
Olivier Mengué - http://perlresume.org/DOLMEN - https://gratipay.com/dolmen/
About path traversal attacks: https://cwe.mitre.org/data/definitions/23.html
Module::Load is in perl core while Module::Runtime, and many programmers are using Module::Load instead of Module::Runtime for this reason, while they do not provide the same level of safety.
So it is important to document this by-design vulnerability in POD and recommend instead Module::Runtime when unsafe values may be given to Module::Load::load.
Related issues about loading modules dynamically:
https://github.com/Perl-Toolchain-Gang/Software-License/pull/35
https://github.com/simonwistow/Module-Pluggable/pull/6
--
Olivier Mengué - http://perlresume.org/DOLMEN - https://gratipay.com/dolmen/