$sitescript $siteprefix/bin
$sitelib $siteprefix/lib/perl5/site_perl/$version
$sitearch $siteprefix/lib/perl5/site_perl/$version/$archname
- $siteman1 $siteprefix/man/man1
- $siteman3 $siteprefix/man/man3
- $sitehtml1 (none)
- $sitehtml3 (none)
+ $siteman1dir $siteprefix/man/man1
+ $siteman3dir $siteprefix/man/man3
+ $sitehtml1dir (none)
+ $sitehtml3dir (none)
By default, ExtUtils::MakeMaker will install architecture-independent
modules into $sitelib and architecture-dependent modules into $sitearch.
$vendorscript $vendorprefix/bin
$vendorlib $vendorprefix/lib/perl5/vendor_perl/$version
$vendorarch $vendorprefix/lib/perl5/vendor_perl/$version/$archname
- $vendorman1 $vendorprefix/man/man1
- $vendorman3 $vendorprefix/man/man3
- $vendorhtml1 (none)
- $vendorhtml3 (none)
+ $vendorman1dir $vendorprefix/man/man1
+ $vendorman3dir $vendorprefix/man/man3
+ $vendorhtml1dir (none)
+ $vendorhtml3dir (none)
These are normally empty, but may be set as needed. For example,
a vendor might choose the following settings:
$sitescript /usr/local/bin
$sitelib /usr/local/lib/perl5/site_perl/$version
$sitearch /usr/local/lib/perl5/site_perl/$version/$archname
- $siteman1 /usr/local/man/man1
- $siteman3 /usr/local/man/man3
+ $siteman1dir /usr/local/man/man1
+ $siteman3dir /usr/local/man/man3
$vendorbin /usr/bin
$vendorscript /usr/bin
$vendorlib /usr/lib/perl5/vendor_perl/$version
$vendorarch /usr/lib/perl5/vendor_perl/$version/$archname
- $vendorman1 /usr/man/man1
- $vendorman3 /usr/man/man3
+ $vendorman1dir /usr/man/man1
+ $vendorman3dir /usr/man/man3
Note how in this example, the vendor-supplied directories are in the
/usr hierarchy, while the directories reserved for the end-user are in
_exit vs. exit. If you have this problem, the fix is to go back to
your sfio sources and correct iffe's guess about atexit.
+=head2 Algorithmic Complexity Attacks on Hashes
+
+In Perls 5.8.0 and earlier it was easy to create degenerate hashes.
+Processing such hashes would consume large amounts of CPU time,
+enabling a "Denial of Service" attack against Perl. Such hashes may be
+a problem for example for mod_perl sites, sites with Perl CGI scripts
+and web services, that process data originating from external sources.
+
+In Perl 5.8.1 a security feature was introduced to make it harder
+to create such degenerate hashes.
+
+Because of this feature the keys(), values(), and each() functions
+may return the hash elements in different order between different
+runs of Perl even with the same data. One can still revert to the old
+repeatable order by setting the environment variable PERL_HASH_SEED,
+see L<perlrun>. Another option is to add -DUSE_HASH_SEED_EXPLICIT to
+the compilation flags, in which case one has to explicitly set the
+PERL_HASH_SEED environment variable to enable the security feature,
+or -DNO_HASH_SEED to completely disable the feature.
+
+B<Perl has never guaranteed any ordering of the hash keys>, and the
+ordering has already changed several times during the lifetime of
+Perl 5. Also, the ordering of hash keys has always been, and
+continues to be, affected by the insertion order.
+
+Note that because of this randomisation for example the Data::Dumper
+results will be different between different runs of Perl since
+Data::Dumper by default dumps hashes "unordered". The use of the
+Data::Dumper C<Sortkeys> option is recommended.
+
=head2 SOCKS
Perl can be configured to be 'socksified', that is, to use the SOCKS