On Mon, Oct 14, 2002 at 10:09:41AM -0400, [EMAIL PROTECTED] wrote:
> SUMMARY
>
> The 'untaintby' property restricts which modules may untaint the data or
> data derived from that data.
>
> DETAILS
>
> I was recently using a module I downloaded from CPAN and looking through
> the code I discovere
I'd say the correct solution isn't to control which modules can accidentally
untaint data (it seems pretty likely that no matter what we do, maliciously
coded modules will be able to screw you over if they try to do so
intentionally) but rather fix those aspects of tainting that allow any module
t
Larry said:
> If properties aren't entirely passive, then it may be
> possible to register a callback on the "tainted" property
> itself that defeats any misguided attempt to untaint it.
Callbacks on properties? That's too cool. By doing callbacks on tainted
and on taintby, a module could be wri
If properties aren't entirely passive, then it may be possible to
register a callback on the "tainted" property itself that defeats any
misguided attempt to untaint it. It's unlikely to protect against
malicious attempts, however.
Larry
I think that if a package deliberately tries to untaint data, and then
the data isn't untainted, there will be an error shortly.
Perhaps you could be more specific about what you mean by "untainting
things which shouldn't be untainted"? Did you mean globals?
Otherwise, I'd think that if a packag
