I've been in that awful position more than once, too. The worst of it for me was knowing that I personally din't at the time understand enough about Perl and web security to write code I was tasked with in a resonably safe manner, but not being given the time needed to research and learn or some assistance in finding and closing glaring security holes when I would loudly and clearly proclaim my own ignorance in the area to the bosses.

We were lucky. So far as I know, none of my security ignorance was exploited in the time between putting potentially dangerous code into production and getting one of my co-workers to sneak a break from his own insane time-frame to double check me.

Now that Perl has become more avocation than vocation for me, I've taken the time to close many of those gaps in my knowledge. ;)

-rattus