taint checks in tests
From: Chris Nandor
Date: March 30, 2001 06:28
Subject: taint checks in tests
Message ID: p05010401b6ea479df607@[10.0.1.177]

As many of you know, kill() is unimplemented on MacPerl. So this test does
not work from glob-taint.t:

    # all filenames should be tainted
    @a = File::Glob::bsd_glob("*");
    eval { $a = join("",@a), kill 0; 1 };

Someone suggested I do something like this:

    # all filenames should be tainted
    @a = File::Glob::bsd_glob("*");
    eval { eval "\$x = '@a'" };

And it works, but it is, of course, a bit dangerous: if taint checks fail,
and someone put a malicious file in there ...

Now, it was also suggested that maybe a new directory is created (perhaps
using tmpnam), files are put in there, then read, then tested. Or maybe I
could just filter out non-ASCII characters with a regex in the values in @a
(taintedness should persist).

Or maybe I should just implement a kill() in MacPerl that is a no-op,
except that it pukes if its first argument is tainted.

Thoughts?

--
Chris Nandor pudge@pobox.com http://pudge.net/
Open Source Development Network pudge@osdn.com http://osdn.com/
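
The options raised in the message above can be combined into one kill()-free test; this is an added example, not part of the original post or of glob-taint.t. It assumes the zero-length-substr taint probe documented in perlsec, uses File::Temp in place of the tmpnam idea, and the file names are constructed.

```perl
# Added example, not from the original post. Run as: perl -T glob_taint.pl
use strict;
use warnings;
use File::Glob ();
use File::Spec;
use File::Temp qw(tempdir);

die "taint mode is off; run with perl -T\n" unless ${^TAINT};

# perlsec idiom: the eval'd string carries the taint of the arguments but
# none of their bytes (zero-length substr), so no file name is ever compiled.
sub is_tainted {
    local $@;    # do not clobber the caller's $@
    return !eval { eval("#" . substr(join("", @_), 0, 0)); 1 };
}

# Constructed input: a private scratch directory holding known, harmless names
# (File::Temp is used here in place of the tmpnam idea; that is an assumption).
my $dir = tempdir(CLEANUP => 1);
for my $name (qw(a.txt b.txt c.txt)) {
    open(my $fh, '>', File::Spec->catfile($dir, $name)) or die "open $name: $!";
    close($fh) or die "close $name: $!";
}

print "1..3\n";

# Every name returned by bsd_glob should be tainted.
my @names = File::Glob::bsd_glob(File::Spec->catfile($dir, '*'));
my @clean = grep { !is_tainted($_) } @names;
print((@names == 3 && !@clean) ? "ok 1\n" : "not ok 1\n");

# Filtering with tr/// (no capture groups) must not launder the taint.
(my $filtered = join("", @names)) =~ tr/A-Za-z0-9._//cd;
print(is_tainted($filtered) ? "ok 2\n" : "not ok 2\n");

# Control: a literal string is never tainted, so the probe is not always true.
print(!is_tainted("a.txt") ? "ok 3\n" : "not ok 3\n");
```

If the taint check ever regresses, the only thing compiled by the inner eval is a bare comment, so a hostile file name in the globbed directory has nothing to execute.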