/ 
PAR-0.03
River stage two • 7 direct dependents • 14 total dependents
/ par.pl
Security Advisories (2)
CVE-2011-4114 (2011-07-18)

PAR packed files are extracted to unsafe and predictable temporary directories (this bug was originally reported against PAR::Packer, but it applies to PAR as well).

CVE-2011-5060 (2012-01-13)

The par_mktmpdir function in the PAR module before 1.003 for Perl creates temporary files in a directory with a predictable name without verifying ownership and permissions of this directory, which allows local users to overwrite files when another user extracts a PAR packed program, a different vulnerability in a different package than CVE-2011-4114.

NAME

par.pl - Run Perl Archives

SYNOPSIS

To use Hello.pm, lib/Hello.pm or lib/arch/Hello.pm from ./foo.par:

% par.pl -A./foo.par -MHello 
% par.pl -A./foo -MHello	# the .par part is optional

Same thing, but search foo.par in the @INC;

% par.pl -Ifoo.par -MHello 
% par.pl -Ifoo -MHello 	# ditto

Run test.pl or script/test.pl from foo.par:

% par.pl foo.par test.pl	# only when the first argument ends in '.par'

DESCRIPTION

This stand-alone command offers roughly the same feature as perl -MPAR, except that it takes the pre-loaded .par files via -Afoo.par instead of -MPAR=foo.par.

The main purpose of this utility is to be feed to perlcc:

% perlcc -o par par.pl

and use the resulting stand-alone executable par as an alternative to perl2exe or PerlApp:

# runs script/run.pl in archive, uses its lib/* as libraries
% par myapp.par run.pl

SEE ALSO

PAR

AUTHORS

Autrijus Tang <autrijus@autrijus.org>

COPYRIGHT

Copyright 2001 by Autrijus Tang <autrijus@autrijus.org>.

This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

See http://www.perl.com/perl/misc/Artistic.html