develooper Front page | perl.perl5.porters | Postings from October 2012

Re: Compile option to disable taint mode: speedup

Thread Previous | Thread Next
From:
Steffen Mueller
Date:
October 10, 2012 00:09
Subject:
Re: Compile option to disable taint mode: speedup
Message ID:
50751F21.1050603@cpan.org
On 10/10/2012 07:28 AM, Steffen Mueller wrote:
> On 10/10/2012 12:04 AM, Greg Lindahl wrote:
>> We'd be willing to help out, but I'm not sure if we're up to smoking
>> CPAN on a regular basis.

I don't think we should attempt to smoke CPAN regularly for this, by the 
way.

> Big question is what -t/-T should do by default. Maybe have two
> Configure options. NO_TAINT_SUPPORT (exception on -t/-T) and
> SILENT_NO_TAINT_SUPPORT (ignore -t/-T).

SILENT_NO_TAINT_SUPPORT added on the smueller/no_taint branch.

> Still, some tests would fail if they explicitly test taint mode. Making
> those pass would require exposing "do I have taint mode" to perl.

I've since come around to thinking that it's perfectly ok for these 
tests to fail. Exposing "we didn't compile in taint support" to Perl is 
very messy. Instead, things explicitly checking ${^TAINT} (how perl 
exposes -t/-T settings to Perl) should always get 0 under 
NO_TAINT_SUPPORT. If there's tests like t/run/switcht.t which EXPLICITLY 
test for ${^TAINT} being something else when run under -t, they must 
fail. Let's consider this our safeguard against people accidentally 
using SILENT_NO_TAINT_SUPPORT.

And while I'm at it: You distribution people out there: Don't ship a 
perl without taint support by default!

> If you want to help out, there's an explicit list of things that need
> addressing in my email to the list and in the commit message. I'll hack
> on it some more now.

This was the list:
- PL_taint_warn would likely deserve the same treatment.
- Obviously, tests fail. We have tests for -t/-T
- Right now, I added a Perl warn() on startup when -t/-T are detected
   but the perl was not compiled support it. It might be argued that it
   should be silently ignored! Needs some thinking.
- Code quality concerns - needs review.
- Configure support required.
- Needs thinking: How does this tie in with CPAN XS modules that use
   PL_taint and friends? It's easy to backport the new macros via PPPort,
   but that doesn't magically change all code out there. Might be
   harmless, though, because whenever you're running under
   NO_TAINT_SUPPORT, any check of PL_taint/etc is going to come up false.
   Thus, the only CPAN code that SHOULD be adversely affected is code
   that changes taint state.


Of those things, this is left:
- Code review.
- Test some CPAN against a SILENT_NO_TAINT_SUPPORT perl.
- Configure support.
- Review the remaining taint test failures of the core modules. Some 
fail for a reason because they check -T specifically, some should just 
be skipped if not ${^TAINT} since they test taint compatibility.

For example, I noticed that the List::Util::tainted tests fail now. 
Those should just be skipped if ${^TAINT} is 0, but it's upstream => CPAN.

Best regards,
Steffen

Thread Previous | Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About