develooper Front page | perl.perl5.porters | Postings from October 2012

Re: No-taint support in Perl

Thread Previous | Thread Next
From:
Vincent Pit
Date:
October 21, 2012 04:51
Subject:
Re: No-taint support in Perl
Message ID:
5083E1B9.1030302@profvince.com

> Both versions have some drawbacks in that the version that makes the use
> of -t/-T fatal will make many a CPAN module's tests fail because use of
> -t/-T is relatively common. The silent version will still make tests
> fail that explicitly test the tainting mechanism and can result in users
> of Perl mistakenly using -t/-T without the expected effect. For these
> reasons, the proposed defines are never to become the default Perl
> configuration but if included in a Perl release, should be documented as
> opt-in, expert-level options.

Perl should not support disabling -t/-T by making it not fatal, and 
adding that kind of option to Configure is already supporting it. People 
that want this kind of broken behaviour can hack the core themselves and 
get shot in the foot all they want.


Vincent
Thread Previous | Thread Next

nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About