[sf-perl] randomize particular lines
chris at noncombatant.org
Tue Mar 7 10:36:40 PST 2006
Joseph Brenner writes:
> I don't use -T on non-cgi scripts myself...
You really should. Any warning you get as a result of taint checking is
in fact a real, live security bug. Taint mode has no false alarms.
> if you run them through the debugger you'll get a "too late to taint"
So make a habit of putting "-T" on *all* Perl command lines.
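An added illustration, not part of the original message: a non-CGI command-line script run under -T, showing what the taint check refuses and how a validated value gets through. The script, the helper name `untaint_filename` and its file-name pattern are assumptions made for this example.

```perl
#!/usr/bin/perl -T
# Added example (not from the thread): a command-line script under taint mode.
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Hypothetical helper: return an untainted copy of $name when it matches a
# strict allow-list (a plain file name, no directory parts), otherwise undef.
# Only a regex capture such as $1 clears the taint flag.
sub untaint_filename {
    my ($name) = @_;
    return undef unless defined $name;
    return $name =~ /\A([A-Za-z0-9_][A-Za-z0-9_.-]{0,63})\z/ ? $1 : undef;
}

my $out = shift @ARGV;
die "usage: $0 OUTPUT_FILE\n" unless defined $out;

# Everything from @ARGV, %ENV, STDIN and file reads starts out tainted.
print "argument tainted: ", (tainted($out) ? "yes" : "no"), "\n";

# Using the raw argument in a call that modifies the file system is fatal
# under -T ("Insecure dependency in open ..."); eval catches it here so the
# script can show the message and continue.
my $ok = eval {
    open(my $raw_fh, '>', $out) or die "open: $!\n";
    close $raw_fh;
    1;
};
print "raw open for write: ", ($ok ? "allowed\n" : "refused: $@");

# Validate first, then use the untainted copy.
my $safe = untaint_filename($out);
die "refusing file name '$out'\n" unless defined $safe;

open(my $fh, '>', $safe) or die "cannot write $safe: $!\n";
print {$fh} "written under taint mode\n";
close $fh or die "close: $!\n";
print "wrote $safe\n";
```

Because -T is on the #! line, starting the script as `perl script.pl out.txt` or `perl -d script.pl out.txt` aborts before any code runs; pass the switch on the command line as well, for example `perl -T script.pl out.txt`.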