On Mon, Oct 14, 2002 at 10:09:41AM -0400, [EMAIL PROTECTED] wrote:
> SUMMARY
> 
> The 'untaintby' property restricts which modules may untaint the data or
> data derived from that data.
>
> DETAILS
> 
> I was recently using a module I downloaded from CPAN and looking through
> the code I discovered that it untainted certain data that it had no
> business untainting (IMHO).  The untainting was an unintended byproduct of
> some otherwise useful work. (See my earlier concern about untainting at
> http://makeashorterlink.com/?Y28261A12)

The concern here seems to be more about unintentional untainting rather than
deliberate untainting by "unauthorized" parties.  Rather than add an
additional, explicit security system on top of an implicit security system,
the causes of unintentional untainting in the language should be reduced.

Something in the family of your original /T regex proposal would make more
sense.  Attack the problem at its source.


-- 

Michael G. Schwern   <[EMAIL PROTECTED]>    http://www.pobox.com/~schwern/
Perl Quality Assurance      <[EMAIL PROTECTED]>         Kwalitee Is Job One
Do you have a map? Because I keep getting lost in your armpits.

Reply via email to