in reply to Homegrown Pseudo-Tainting
Just to add to all the posters above, who focus more on
untainting the data, perldoc perlsec gives this example
to beforehand check if the data is actually tainted:
GreetZ!,
print "profeth still\n" if /bird|devil/;
untainting the data, perldoc perlsec gives this example
to beforehand check if the data is actually tainted:
sub is_tainted { return ! eval { join('',@_), kill 0; 1; }; }
GreetZ!,
- ChOas
print "profeth still\n" if /bird|devil/;
|
---|
Replies are listed 'Best First'. | |
---|---|
Re: Re: Homegrown Pseudo-Tainting
by gellyfish (Monsignor) on Mar 15, 2002 at 11:49 UTC |
In Section
Seekers of Perl Wisdom