You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by Martin Moss <ma...@btopenworld.com> on 2004/11/19 13:35:20 UTC
Urgent justification for perl
All,
I've had an urgent request for a few paragraphs on the
justification for the use of perl. In particularly
mod_perl.
Someone in the powers that be read an outdated
description and thinks that using perl is a security
risk - (I know, its not what you use, but how you use
it thats the security concern).
Any ideas?
Marty
___________________________________________________________
Moving house? Beach bar in Thailand? New Wardrobe? Win £10k with Yahoo! Mail to make your dream a reality.
Get Yahoo! Mail www.yahoo.co.uk/10k
--
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html
Re: Urgent justification for perl
Posted by "Randal L. Schwartz" <me...@stonehenge.com>.
>>>>> "John" == John Wittkoski <jo...@aol.com> writes:
John> Martin,
John> You better have one of those "powers that be" give those crazy folks at
John> amazon.com a call and let them know that they are using an insecure
John> product for their little shopping site.
And ticketmaster (gasp)! How could a company that handles millions
of credit cards a day ever use something like Template Toolkit and
mod_perl! They must be *crazy*!
--
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<me...@stonehenge.com> <URL:http://www.stonehenge.com/merlyn/>
Perl/Unix/security consulting, Technical writing, Comedy, etc. etc.
See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
--
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html
Re: Urgent justification for perl
Posted by Steven Lembark <le...@wrkhors.com>.
> You better have one of those "powers that be" give those crazy folks at
> amazon.com a call and let them know that they are using an insecure
> product for their little shopping site.
>
> Seriously though, amazon.com uses Mason
> (http://www.masonhq.com/?AmazonDotCom) which uses mod_perl which uses
> perl. They probably do more money based transactions per day than any
> other web site (except perhaps ebay - not sure what they use), and they
> trust mod_perl.
Not mod_perl specific, but most of the large financial houses
use perl+dbi for their work also. They don't publish the fact
(or much else about their internal workings) but our language
does the deed on Wall Street.
The perl advocacy group's 'success stores' page has quite a
few more.
--
Steven Lembark 85-09 90th Street
Workhorse Computing Woodhaven, NY 11421
lembark@wrkhors.com 1 888 359 3508
--
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html
Re: Urgent justification for perl
Posted by John Wittkoski <jo...@aol.com>.
Martin Moss wrote on 11/19/04, 7:35 AM:
> All,
>
> I've had an urgent request for a few paragraphs on the
> justification for the use of perl. In particularly
> mod_perl.
>
> Someone in the powers that be read an outdated
> description and thinks that using perl is a security
> risk - (I know, its not what you use, but how you use
> it thats the security concern).
>
> Any ideas?
Martin,
You better have one of those "powers that be" give those crazy folks at
amazon.com a call and let them know that they are using an insecure
product for their little shopping site.
Seriously though, amazon.com uses Mason
(http://www.masonhq.com/?AmazonDotCom) which uses mod_perl which uses
perl. They probably do more money based transactions per day than any
other web site (except perhaps ebay - not sure what they use), and they
trust mod_perl.
Sorry, I know that's probably not a good "reason", but it is a good example.
--John
--
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html
Re: Urgent justification for perl
Posted by Jonathan Vanasco <jv...@mastersofbranding.com>.
Justification using perl/mod_perl for what, and opposed to what?
A security risk in what way?
There's a 'Success Stories' page here, that might have some things you
want/need:
http://perl.apache.org/outstanding/index.html
On Nov 19, 2004, at 7:35 AM, Martin Moss wrote:
> All,
>
> I've had an urgent request for a few paragraphs on the
> justification for the use of perl. In particularly
> mod_perl.
>
> Someone in the powers that be read an outdated
> description and thinks that using perl is a security
> risk - (I know, its not what you use, but how you use
> it thats the security concern).
>
> Any ideas?
>
> Marty
>
>
>
> ___________________________________________________________
> Moving house? Beach bar in Thailand? New Wardrobe? Win £10k with
> Yahoo! Mail to make your dream a reality.
> Get Yahoo! Mail www.yahoo.co.uk/10k
>
> --
> Report problems: http://perl.apache.org/bugs/
> Mail list info: http://perl.apache.org/maillist/modperl.html
> List etiquette: http://perl.apache.org/maillist/email-etiquette.html
>
--
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html
Re: Urgent justification for perl
Posted by Perrin Harkins <pe...@elem.com>.
On Fri, 2004-11-19 at 07:35, Martin Moss wrote:
> Someone in the powers that be read an outdated
> description and thinks that using perl is a security
> risk - (I know, its not what you use, but how you use
> it thats the security concern).
>
> Any ideas?
man perlsec to start with. There is plenty of Perl advocacy out there
on various sites if you Google for it. If you have a specific concern
that isn't covered well elsewhere, let us know what it is.
- Perrin
--
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html
Re: Urgent justification for perl
Posted by Martin Moss <ma...@btopenworld.com>.
Big thanks to everyone for the links and tips.
Sorry for the ambiguous question, but was just passing
on the ambiguity, to see which way you guys took it,
as I was also annoyed at the ridiculousness of the
question...
Kind regards
Marty
--- Matt Sergeant <ma...@sergeant.org> wrote:
> On 19 Nov 2004, at 12:35, Martin Moss wrote:
>
> > I've had an urgent request for a few paragraphs on
> the
> > justification for the use of perl. In particularly
> > mod_perl.
> >
> > Someone in the powers that be read an outdated
> > description and thinks that using perl is a
> security
> > risk - (I know, its not what you use, but how you
> use
> > it thats the security concern).
> >
> > Any ideas?
>
> We're a global security company. We scan email for
> spam and viruses for
> some places you may have heard of, like the UK
> government and the US
> Federal Reserve. About 50% of everything we do is in
> perl (including
> mod_perl/AxKit for our quarantine system). We're
> also BS/ISO-7799 if
> that's the sort of thing your powers that be need to
> hear.
>
> Does that help?
>
> Matt.
>
>
> --
> Report problems: http://perl.apache.org/bugs/
> Mail list info:
> http://perl.apache.org/maillist/modperl.html
> List etiquette:
> http://perl.apache.org/maillist/email-etiquette.html
>
>
___________________________________________________________
Moving house? Beach bar in Thailand? New Wardrobe? Win £10k with Yahoo! Mail to make your dream a reality.
Get Yahoo! Mail www.yahoo.co.uk/10k
--
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html
Re: Urgent justification for perl
Posted by Matt Sergeant <ma...@sergeant.org>.
On 19 Nov 2004, at 12:35, Martin Moss wrote:
> I've had an urgent request for a few paragraphs on the
> justification for the use of perl. In particularly
> mod_perl.
>
> Someone in the powers that be read an outdated
> description and thinks that using perl is a security
> risk - (I know, its not what you use, but how you use
> it thats the security concern).
>
> Any ideas?
We're a global security company. We scan email for spam and viruses for
some places you may have heard of, like the UK government and the US
Federal Reserve. About 50% of everything we do is in perl (including
mod_perl/AxKit for our quarantine system). We're also BS/ISO-7799 if
that's the sort of thing your powers that be need to hear.
Does that help?
Matt.
--
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html