Perl-Sensitive Sunglasses | |
PerlMonks |
Re^2: Taint mode... use all the time?by cbatjesmond (Novice) |
on Feb 11, 2005 at 20:41 UTC ( [id://430257]=note: print w/replies, xml ) | Need Help?? |
This is meaningful in a web application, where you want to protect your servers from web monkeys trying to poke and prod their way through your application to the OS. s/servers from web monkeys/computers from users/That's a waste of cycles if such checks aren't required. "Yeah, some luser stole the CC database, ordered $10_000_000_000 of goods, sold the customer list to spammers and deleted all the real orders, but hey! the application runs 0.002% faster!" Sorry, I don't agree: if you're dealing with user input in a situation where they could (intentionally or unintentionally*) damage the system and the language offers you a helping hand, why not use it? I use -T for pretty much anything that's going to be run by anyone except me (I assume I'll supply only valid input -- I'm right _most_ of the time): Like use strict; it helps me write good code, in this case ensuring I validate user input. * "What due you mean I can't use spaces, (), &, ;, *, ? in filenames?" -- Sorry if this is abrupt:it's been a rough week!
In Section
Seekers of Perl Wisdom
|
|