http://www.perlmonks.org?node_id=151945


in reply to Homegrown Pseudo-Tainting

Just to add to all the posters above, who focus more on
untainting the data, perldoc perlsec gives this example
to beforehand check if the data is actually tainted:
sub is_tainted { return ! eval { join('',@_), kill 0; 1; }; }

GreetZ!,

print "profeth still\n" if /bird|devil/;

Replies are listed 'Best First'.
Re: Re: Homegrown Pseudo-Tainting
by gellyfish (Monsignor) on Mar 15, 2002 at 11:49 UTC

    Except that will only do what you want when you have used the '-T' switch. And as the person who asked the question said they can't use '-T' ..

    /J\