I still feel that something that must be done, project after project, and time after time within each project, is an ideal candidate for factorisation.
And that's been done. And it's already available. It's called the "Perl Security FAQ" and the "Web Security FAQ". It's installed as humanware, not computerware,
because the problem is not the programs
, the problem is the programmers
No amount of Perl code would keep you from typing a single-arg system call. But 15 minutes staring at the Security FAQ, and bingo, you know not to type that.
Why is that so hard to get?
-- Randal L. Schwartz, Perl hacker