diff options
Diffstat (limited to 'ext/GDBM_File')
| -rw-r--r-- | ext/GDBM_File/GDBM_File.pm | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/ext/GDBM_File/GDBM_File.pm b/ext/GDBM_File/GDBM_File.pm index a33b8b59b1..fe34470bd3 100644 --- a/ext/GDBM_File/GDBM_File.pm +++ b/ext/GDBM_File/GDBM_File.pm @@ -31,6 +31,18 @@ C<ftp.gnu.org>, but you are strongly urged to use one of the many mirrors. You can obtain a list of mirror sites from L<http://www.gnu.org/order/ftp.html>. +=head1 SECURITY AND PORTABILITY + +B<Do not accept GDBM files from untrusted sources.> + +GDBM files are not portable across platforms. + +The GDBM documentation doesn't imply that files from untrusted sources +can be safely used with C<libgdbm>. + +A maliciously crafted file might cause perl to crash or even expose a +security vulnerability. + =head1 BUGS The available functions and the gdbm/perl interface need to be documented. |