[sf-perl] randomize particular lines

Chris Palmer chris at noncombatant.org
Tue Mar 7 10:36:40 PST 2006


Joseph Brenner writes:

> I don't use -T on non-cgi scripts myself...

You really should. Any warning you get as a result of taint checking is
in fact a real, live security bug. Taint mode has no false alarms.

> if you run them through the debugger you'll get a "too late to taint"
> error.

So make a habit of putting "-T" on *all* Perl command lines.


-- 
http://www.noncombatant.org/
http://www.boshuda.com/



More information about the SanFrancisco-pm mailing list