in reply to
Re: Preventing SQL injection attacks: are -T and placeholders not enough?
in thread Preventing SQL injection attacks: are -T and placeholders not enough?
I don't use taint checking because I don't use CGI
Tainted data comes from just every input in any environment your programs run but CGI is indeed a kind of wild one compared to locally run programs. However, even you could damage your own system with innocent-looking inputs to your non-CGI programs. Using -T
depends on how much security consideration you (should) put on your programs. Read perlsec
for more information and mind opening.
Open source softwares? Share and enjoy. Make profit from them if you can. Yet, share and enjoy!