| [reply] |
Rule number one is, if you don't know whether taint checking will break anything, turn on taint checking. If anything breaks, go over everything for security issues. This is more a web/CGI thing than a Perl thing, but it's a big thing. Taint checking is just a tool Perl provides to help you know if you have a problem. It's not perfect, but it helps a lot.
Sanity? Oh, yeah, I've got all kinds of sanity. In fact, I've developed whole new kinds of sanity. Why, I've got so much sanity it's driving me crazy.
| [reply] |
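
An added example, not part of the reply above, showing what turning on taint checking does in practice: a tainted value is refused when passed to an external command, and a value that has been validated through a regex capture is accepted. The helper names `clean_filename` and `try_command`, the allow-list pattern, and the sample strings are constructed for illustration.

```perl
#!/usr/bin/perl -T
use strict;
use warnings;
use Scalar::Util qw(tainted);

$| = 1;    # keep our output in order with the child process output

# Taint mode will not spawn commands with an inherited environment.
$ENV{PATH} = '/usr/bin:/bin';
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

# Zero-length tainted string: appending it makes the constructed samples
# below tainted, as real CGI parameters would be.
my $TAINT = substr($^X, 0, 0);

# Untaint by matching an allow-list pattern and keeping only the capture.
sub clean_filename {
    my ($raw) = @_;
    return $raw =~ /\A([A-Za-z0-9_][A-Za-z0-9_.-]{0,63})\z/ ? $1 : undef;
}

# Try to pass a value to an external command (list form, no shell).
# Returns 'ran' or the reason Perl refused.
sub try_command {
    my ($arg) = @_;
    my $ok = eval { system('echo', 'processing', $arg); 1 };
    return 'ran' if $ok;
    return $@ =~ /Insecure dependency/ ? 'blocked by taint check' : "error: $@";
}

for my $sample ('report.txt', 'notes.txt; id', '../../etc/passwd') {
    my $input = $sample . $TAINT;    # constructed stand-in for user input
    printf "%-18s tainted=%d raw: %s\n",
        $sample, (tainted($input) ? 1 : 0), try_command($input);

    my $clean = clean_filename($input);
    if (defined $clean) {
        printf "%-18s tainted=%d clean: %s\n",
            $clean, (tainted($clean) ? 1 : 0), try_command($clean);
    }
    else {
        printf "%-18s rejected by validation\n", $sample;
    }
}
```

Start it as `perl -T script.pl`; when the script is run as `perl script.pl`, Perl refuses to start if `-T` appears only on the `#!` line.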
Well, I don't know about a tool for scanning source code against. But if you want to have a comprehensible list of common problems and solutions, I would start with something like the 'Perl Cookbook' from O'Reilly.
| [reply] |