source: trunk/essentials/dev-lang/perl/pod/perl570delta.pod@ 3184

=head1 NAME

perl570delta - what's new for perl v5.7.0

=head1 DESCRIPTION

This document describes differences between the 5.6.0 release and
the 5.7.0 release.

=head1 Security Vulnerability Closed

A potential security vulnerability in the optional suidperl component
of Perl has been identified.  suidperl is neither built nor installed
by default.  As of September the 2nd, 2000, the only known vulnerable
platform is Linux, most likely all Linux distributions.  CERT and
various vendors have been alerted about the vulnerability.

The problem was caused by Perl trying to report a suspected security
exploit attempt using an external program, /bin/mail.  On Linux
platforms the /bin/mail program had an undocumented feature which
when combined with suidperl gave access to a root shell, resulting in
a serious compromise instead of reporting the exploit attempt.  If you
don't have /bin/mail, or if you have 'safe setuid scripts', or if
suidperl is not installed, you are safe.

The exploit attempt reporting feature has been completely removed from
the Perl 5.7.0 release, so that particular vulnerability isn't there
anymore.  However, further security vulnerabilities are,
unfortunately, always possible.  The suidperl code is being reviewed
and if deemed too risky to continue to be supported, it may be
completely removed from future releases.  In any case, suidperl should
only be used by security experts who know exactly what they are doing
and why they are using suidperl instead of some other solution such as
sudo ( see http://www.courtesan.com/sudo/ ).

=head1 Incompatible Changes

=over 4

=item *

Arrays now always interpolate into double-quoted strings:
constructs like "foo@bar" now always assume C<@bar> is an array,
whether or not the compiler has seen use of C<@bar>.

=item *

The semantics of bless(REF, REF) were unclear and until someone proves
it to make some sense, it is forbidden.

=item *

A reference to a reference now stringify as "REF(0x81485ec)" instead
of "SCALAR(0x81485ec)" in order to be more consistent with the return
value of ref().

=item *

The very dusty examples in the eg/ directory have been removed.
Suggestions for new shiny examples welcome but the main issue is that
the examples need to be documented, tested and (most importantly)
maintained.

=item *

The obsolete chat2 library that should never have been allowed
to escape the laboratory has been decommissioned.

=item *

The unimplemented POSIX regex features [[.cc.]] and [[=c=]] are still
recognised but now cause fatal errors.  The previous behaviour of
ignoring them by default and warning if requested was unacceptable
since it, in a way, falsely promised that the features could be used.

=item *

The (bogus) escape sequences \8 and \9 now give an optional warning
("Unrecognized escape passed through").  There is no need to \-escape
any C<\w> character.

=item *

lstat(FILEHANDLE) now gives a warning because the operation makes no sense.
In future releases this may become a fatal error.

=item *

The long deprecated uppercase aliases for the string comparison
operators (EQ, NE, LT, LE, GE, GT) have now been removed.

=item *

The regular expression captured submatches ($1, $2, ...) are now
more consistently unset if the match fails, instead of leaving false
data lying around in them.

=item *

The tr///C and tr///U features have been removed and will not return;
the interface was a mistake.  Sorry about that.  For similar
functionality, see pack('U0', ...) and pack('C0', ...).

=back

=head1 Core Enhancements

=over 4

=item *

C<perl -d:Module=arg,arg,arg> now works (previously one couldn't pass
in multiple arguments.)

=item *

my __PACKAGE__ $obj now works.

=item *

C<no Module;> now works even if there is no "sub unimport" in the Module.

=item *

The numerical comparison operators return C<undef> if either operand
is a NaN.  Previously the behaviour was unspecified.

=item *

C<pack('U0a*', ...)> can now be used to force a string to UTF-8.

=item *

prototype(\&) is now available.

=item *

There is now an UNTIE method.

=back

=head1 Modules and Pragmata

=head2 New Modules

=over 4

=item *

File::Temp allows one to create temporary files and directories in an
easy, portable, and secure way.

=item *

Storable gives persistence to Perl data structures by allowing the
storage and retrieval of Perl data to and from files in a fast and
compact binary format.

=back

=head2 Updated And Improved Modules and Pragmata

=over 4

=item *

The following independently supported modules have been updated to
newer versions from CPAN: CGI, CPAN, DB_File, File::Spec, Getopt::Long,
the podlators bundle, Pod::LaTeX, Pod::Parser, Term::ANSIColor, Test.

=item *

Bug fixes and minor enhancements have been applied to B::Deparse,
Data::Dumper, IO::Poll, IO::Socket::INET, Math::BigFloat,
Math::Complex, Math::Trig, Net::protoent, the re pragma, SelfLoader,
Sys::SysLog, Test::Harness, Text::Wrap, UNIVERSAL, and the warnings
pragma.

=item *

The attributes::reftype() now works on tied arguments.

=item *

AutoLoader can now be disabled with C<no AutoLoader;>,

=item *

The English module can now be used without the infamous performance
hit by saying

        use English '-no_performance_hit';

(Assuming, of course, that one doesn't need the troublesome variables
C<$`>, C<$&>, or C<$'>.)  Also, introduced C<@LAST_MATCH_START> and
C<@LAST_MATCH_END> English aliases for C<@-> and C<@+>.

=item *

File::Find now has pre- and post-processing callbacks.  It also
correctly changes directories when chasing symbolic links.  Callbacks
(naughtily) exiting with "next;" instead of "return;" now work.

=item *

File::Glob::glob() renamed to File::Glob::bsd_glob() to avoid
prototype mismatch with CORE::glob().

=item *

IPC::Open3 now allows the use of numeric file descriptors.

=item *

use lib now works identically to @INC.  Removing directories
with 'no lib' now works.

=item *

C<%INC> now localised in a Safe compartment so that use/require work.

=item *

The Shell module now has an OO interface.

=back

=head1 Utility Changes

=over 4

=item *

The Emacs perl mode (emacs/cperl-mode.el) has been updated to version
4.31.

=item *

Perlbug is now much more robust.  It also sends the bug report to
perl.org, not perl.com.

=item *

The perlcc utility has been rewritten and its user interface (that is,
command line) is much more like that of the UNIX C compiler, cc.

=item *

The xsubpp utility for extension writers now understands POD
documentation embedded in the *.xs files.

=back

=head1 New Documentation

=over 4

=item *

perl56delta details the changes between the 5.005 release and the
5.6.0 release.

=item *

perldebtut is a Perl debugging tutorial.

=item *

perlebcdic contains considerations for running Perl on EBCDIC platforms.
Note that unfortunately EBCDIC platforms that used to supported back in
Perl 5.005 are still unsupported by Perl 5.7.0; the plan, however, is to