Out of a habit, I run scripts under taint mode... if the CPAN dependencies permit it. I also more or less regularly run my unit tests under taint mode, and make sure my own stuff is taint-proof.
However, I think Neil has a point with his P5P message. Taint mode was useful in the olden days, where everything (including server stuff) happened on a few Unix hosts and people shared their scripts and used other people's scripts freely because that was just convenient.
Taint mode helps against a certain class of things which might turn out insecure, but today's attackers have found easier targets, and taint mode has always produced its share of false positives. If it goes away, I'll miss it, but only a bit.
-
Are you posting in the right place? Check out Where do I post X? to know for sure.
-
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big>
<blockquote> <br /> <dd>
<dl> <dt> <em> <font>
<h1> <h2> <h3> <h4>
<h5> <h6> <hr /> <i>
<li> <nbsp> <ol> <p>
<small> <strike> <strong>
<sub> <sup> <table>
<td> <th> <tr> <tt>
<u> <ul>
-
Snippets of code should be wrapped in
<code> tags not
<pre> tags. In fact, <pre>
tags should generally be avoided. If they must
be used, extreme care should be
taken to ensure that their contents do not
have long lines (<70 chars), in order to prevent
horizontal scrolling (and possible janitor
intervention).
-
Want more info? How to link
or How to display code and escape characters
are good places to start.
|
