[Catalyst-dev] Security issue with Catalyst::Action::REST

Peter Karman peter at peknet.com
Wed Sep 1 21:17:29 GMT 2010


Ton Voon wrote on 09/01/2010 03:51 PM:

> So I think Data::Dumper is the only serialization that could execute
> other code based on blindly eval'ing input.

ok, I see what you mean. Thanks for clarifying.

-- 
Peter Karman  .  http://peknet.com/  .  peter at peknet.com



More information about the Catalyst-dev mailing list