Hello Lukas,

> I wonder how other languages solve this dilemma? Like how does Ruby's
> taint model work? What are the experiences there? Are there any other
> languages that have a taint model?

I don't know exactly what they do, but if I am not completely mistaken the difference is simple.
AFAIK Perl has variable-level tainting, but does not have implicit untainting. That means the developer has to use something like untaint($variable) whenever he wants to use tainted input. This means the developer can only use tainted input when he THINKS and explicitly untaint()s it. He is responsible for bad decisions like using the wrong escaping function and telling Perl that he untaint()ed the input.

This is different from the implicit untainting through htmlentities() and mysql_real_escape_string(), because there are obviously cases where these functions are the WRONG functions and the developer will never realise this, because he was not taught to untaint() himself only when he is sure...

Stefan Esser

--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
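The Perl behaviour described above, as an added illustration that is not part of the mailing-list message or of PHP's own code: a small script run under Perl's taint mode (`perl -T`). It assumes Perl 5 with the core module Scalar::Util, and it uses the first command-line argument as a stand-in for untrusted user input. The file name and the `ls` invocation are constructed for the demo; the point is that Perl refuses to act on tainted data and only accepts a value the developer has explicitly extracted with a regex capture, without judging whether that regex was a good idea.

```perl
#!/usr/bin/perl -T
# Added example, not from the original message. Run as:
#   perl -T taint_demo.pl report.txt
#   perl -T taint_demo.pl '../../etc/passwd'     (rejected by the regex below)
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Under -T everything that enters from outside the program (@ARGV, %ENV,
# STDIN, file contents, ...) carries a taint flag. The first argument
# stands in for untrusted user input (constructed for this demo).
my $filename = shift @ARGV
    or die "usage: perl -T $0 FILENAME\n";

# %ENV is tainted as well: Perl will not start a subprocess until PATH
# holds a value the program itself chose.
$ENV{PATH} = '/usr/bin:/bin';
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

printf "input '%s' tainted: %s\n", $filename, tainted($filename) ? 'yes' : 'no';

# 1. No implicit untainting. Reading the file would be allowed, but using
#    the value to affect the outside world (system, exec, open for writing,
#    unlink, eval STRING, ...) is a fatal, trappable error:
#    "Insecure dependency in system while running with -T switch"
eval { system('ls', '-l', $filename) };
print "system() with tainted input refused: $@" if $@;

# 2. The developer must untaint explicitly. The sanctioned way is a regex
#    capture: captured groups are considered clean. Perl does not judge the
#    pattern, so the thinking has to happen here; a lazy /(.*)/ would
#    "untaint" anything, including the traversal attempt above.
#    \A and \z (not ^ and $) so a trailing newline cannot sneak through.
my ($safe) = $filename =~ /\A([A-Za-z0-9_][A-Za-z0-9_.-]*)\z/
    or die "refusing '$filename': not a plain file name\n";

printf "untainted copy tainted: %s\n", tainted($safe) ? 'yes' : 'no';

# Now the same call is permitted; $? carries the exit status of ls.
system('ls', '-l', $safe) == 0
    or warn "ls exited with status ", $? >> 8, "\n";
```

Running it with `report.txt` prints that the input is tainted, shows the refused `system()` call, then runs `ls` on the untainted copy; running it with `../../etc/passwd` dies at the regex, because `/` is not in the allowed character class. Replacing the pattern with `/(.*)/` makes the second run succeed again, which is exactly the "bad decision" Perl leaves to the developer.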