>Great insight, thanks. It's obvious that I'll have to do a lot more
>research before (possibly) resubmitting anything on this subject. I do
>like the idea of at least being able to fiddle with input source
>tainting (since this is what usually gets me, even if I know the input
>source is safe). Depending on how open() and filehandles are implemented
>in Perl6, this might be a useful thing ($fh->untaint ?).
>From Camel 3, in the stdlibs chapter, under FileHandle:
=item C<< R<HANDLE>->untaint >>
Marks the filehandle or directory handle as providing untainted
data. When running under taint mode (see L<Chapter ##, Security>),
data read in from anywhere, even the program's or module's own
C<DATA> handle, are considered untrustworthy. Do not make this
call blindly: you're circumventing Perl's best attempts to protect
you from yourself.
--tom
