Beefy Boxes and Bandwidth Generously Provided by pair Networks
Do you know where your variables are?
 
PerlMonks  

Re: When not to use taint mode

by eyepopslikeamosquito (Bishop)
on Jun 14, 2021 at 00:56 UTC ( #11133828=note: print w/replies, xml ) Need Help??


in reply to When not to use taint mode

Since you've recently contributed a CPAN module (Business::Stripe::WebCheckout) you might like to verify that it works flawlessly in taint mode. After all, some of your users might want to call your superb module from a taint mode script.

Ideally, CPAN modules should be tested with and without taint (though I don't know if CPAN testers currently do that). Note that you can run your module's tests in taint mode via the Test::Harness prove utility's -T and -t switches.

Replies are listed 'Best First'.
Re^2: When not to use taint mode
by Bod (Deacon) on Jun 14, 2021 at 12:15 UTC
    you might like to verify that it works flawlessly in taint mode

    Understanding how to use taint mode and practically doing so are high on my todo list.
    Once I am clear about that, I shall test the only module I have on CPAN.

    Just to check my understanding - because taint mode is turned on when Perl is called, turning it on for the script will turn it on for everything including every module that is used by the script. Is that correct?

      turning it on for the script will turn it on for everything including every module that is used by the script. Is that correct?

      Correct. eg:

      $ cat ptt.pl use strict; use warnings; use Path::Tiny; path ($ARGV[0])->spew (@ARGV); $ perl -T ptt.pl foo Insecure dependency in sysopen while running with -T switch at /usr/sh +are/perl5/vendor_perl/Path/Tiny.pm line 830. $

      It would be of rather limited use otherwise.


      🦛

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://11133828]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others chanting in the Monastery: (2)
As of 2021-08-05 11:45 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    My primary motivation for participating at PerlMonks is: (Choices in context)








    Results (44 votes). Check out past polls.

    Notices?