|Problems? Is your data what you think it is?|
Re: New Perl Vulnerability?by bluto (Curate)
|on Dec 08, 2005 at 21:39 UTC||Need Help??|
Is this news? This sounds like the sort of thing that taint checking was invented for.
From the article:
You can get something up and running quickly. Presumably, if it's not a one-time type program, you should polish it up afterwards, adding things like error checking and security checks but, shocking as it might seem, this doesn't always happen.
I.e. poor programmers can write bad code -- no big deal. Or how about ...
In fact, from my own experience digging around Perl programs, they're among the sloppiest and most unreadable programs out there.
It's almost as if he's arguing that Perl programs just accumulate syntax trash, no matter how well meaning the programmer was. This is not a flaw of the language.
Update: Removed inflammatory stuff. I know better than to write posts immediately after attending a funeral :-(