[Israel.pm] What is -T ?

Yaron Golan yargolan at gmail.com
Mon Jun 6 06:56:59 PDT 2005


Thank you Gaal, Ofer and Issac !
I guess this make my code better.

YG



On 6/6/05, Gaal Yahas <gaal at forum2.org> wrote:
> On Mon, Jun 06, 2005 at 04:02:23PM +0300, Yaron Golan wrote:
> 
> > It might be related to the new version of Komodo I installed, but still.
> 
> Not directly related, no.
> 
> > The option of online compilation marks one of the modules I use as:
> > Insecure dependency in require while running with -T switch at
> > <myscript.pl> line 12.
> >
> > 1. What is -T?
> > 2. Why when I run perl -wc myscript.pl it is OK?
> > 3. What is the cause and how do I solve it?
> 
> "Taint mode" is a mechanism to run perl in a mode that doesn't trust
> any data coming from external sources (eg., read from filehandles, the
> environment, etc.). The idea that to use such data, you must manually
> pass it through an "untainting" function (that you write). Operations
> that expect untainted data but which are handed user data unprocessed
> will fail loudly with the error you saw. This is a security mechanism;
> it forces you to at least give some thought about dangerous user input,
> and helps fing places where you may have neglected to treat it.
> 
> Read perlsec for more details.
> 
> --
> Gaal Yahas <gaal at forum2.org>
> http://gaal.livejournal.com/
>




More information about the Perl mailing list