develooper Front page | perl.perl6.stdlib | Postings from September 2000

taint pragma

From:
Adam Turoff
Date:
September 15, 2000 14:59
Subject:
taint pragma
Message ID:
20000915175449.D5354@panix.com
The discussion about RFC 227 in -internals brought up a few good ideas
about a taint pragma.  In brief:

	- taint(), tainted() and other such functions would be useful
	  when sending scalars around or inspecting them.  A few other
	  functions may fall into this category.

	- untaint() should not be one of them

	- this pragma should be shipped in-core, so that there are no 
	  issues with C-compiler requirements (see Dan/TomP's Taint
	  modules).

	- this is not about lexical tainting, which is a *BAD* idea

	- this is not about taint() and untaint() filehandle methods,
	  which are happening anyway.

All that said, does 'use taint;' make sense?

The good idea that Bart brought up with 'use memoize;' still
applies.  Specifically that a :tainted sub attribute (and param
attribute?) may be useful, but that is not within the realm of -stdlib.

Z.




nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About