Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl-Sensitive Sunglasses
 
PerlMonks  

Re^2: Proposed change regarding "Taint" support

by syphilis (Archbishop)
on Aug 13, 2021 at 13:56 UTC ( [id://11135814]=note: print w/replies, xml ) Need Help??


in reply to Re: Proposed change regarding "Taint" support
in thread Proposed change regarding "Taint" support

... but to excise such a fundamentally important part of the system just for a speed gain seems like throwing the baby out with the bathwater

In that thread, Tomasz Konojacki has referred to that "fundamentally important part of the system" as a "misfeature" that he would like to see "completely removed".
So far, that assessment has not been questioned. Maybe it's in your best interests to let it be known that not everyone shares that view ?
(If people don't tell 'em, they won't know ;-)

Mind you, I don't think they would do anything so bold as to have it "completely removed", so you probably don't have to worry too much about that.
Nevertheless, would you be content to live with the heightened possibility that perls built without taint checking capability existed ?

Cheers,
Rob
  • Comment on Re^2: Proposed change regarding "Taint" support

Replies are listed 'Best First'.
Re^3: Proposed change regarding "Taint" support
by hippo (Bishop) on Aug 13, 2021 at 14:27 UTC

    Not sure about "content" but certainly less miffed. I'm content that PHP exists just so long as I don't have to have anything to do with it. :-)

    Tomasz Konojacki has referred to that "fundamentally important part of the system" as a "misfeature" that he would like to see "completely removed".

    I notice that Tomasz gives neither evidence nor rationale for this "misfeature" claim. Given your recall of Larry's view I am quite happy to be in his camp rather than in Tomasz's.

    🦛

[reply]
      > in his camp

      So far, Larry's camp is not represented in the p5p discussion. It shouldn't make you happy.

      map{substr$_->[0],$_->[1]||0,1}[\*||{},3],[[]],[ref qr-1,-,-1],[{}],[sub{}^*ARGV,3]
[reply]
[d/l]

        Not in that discussion, no. However if you go back to the original referenced post there is at least some support. Steffen himself says (his emphasis):

        I would NOT want this to be the default behaviour, but having this an option could be a boon to people like my employer, who run Perl on thousands of machines and capacity is as important as latency.

        And later ...

        And while I'm at it: You distribution people out there: Don't ship a perl without taint support by default!

        There were a few others in the Larry/Hippo camp back then including Tux and Reini. But perhaps I will badger the p5p echo chamber with my opinions again now so they don't think it is obsolete.

        🦛

[reply]

In Section Perl News

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://11135814]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others exploiting the Monastery: (4)
As of 2024-04-25 15:40 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found