|Perl Monk, Perl Meditation|
Re^7: Taint mode limitationsby BrowserUk (Pope)
|on Nov 04, 2012 at 15:56 UTC||Need Help??|
But everything else should be caught by taint mode (and I canít see a technical reason why it canít be done).
I can only ask you to re-read what I wrote in the last section of Re^3: Taint mode limitations.
I do not disagree that taint mode could have been implemented in a manner that would make it more amenable to being used to catch and fix-up poor code. But it wasn't.
Alain is now faced with a problem of fixing up his -- self-described -- poor code. Petitioning for a change to the implementation at this point is most unlikely to help him. Even if everyone agreed a change would be beneficial, it would likely be a long time before that made it into a new release.
And given the existing mechanism is used my millions of pieces of code out there in the real world; and there is no real way to make his explicit de-tainting mechanism co-exist with the current mechanism; the likelyhood of it ever being implemented is very low.
That leaves Alain one obvious choice.
With the rise and rise of 'Social' network sites: 'Computers are making people easier to use everyday'
Examine what is said, not who speaks -- Silence betokens consent -- Love the truth but pardon error.
"Science is about questioning the status quo. Questioning authority".
In the absence of evidence, opinion is indistinguishable from prejudice.