On Mon, Oct 14, 2002 at 10:09:41AM -0400, [EMAIL PROTECTED] wrote:
> SUMMARY
>
> The 'untaintby' property restricts which modules may untaint the data or
> data derived from that data.
>
> DETAILS
>
> I was recently using a module I downloaded from CPA
I'd say the correct solution isn't to control which modules can accidentally
untaint data (it seems pretty likely that no matter what we do, maliciously
coded modules will be able to screw you over if they try to do so
intentionally) but rather fix those aspects of tainting that allow any module
t
Larry said:
> If properties aren't entirely passive, then it may be
> possible to register a callback on the "tainted" property
> itself that defeats any misguided attempt to untaint it.
Callbacks on properties? That's too cool. By doing callbacks on tainted
and on taintby, a module could be wri
If properties aren't entirely passive, then it may be possible to
register a callback on the "tainted" property itself that defeats any
misguided attempt to untaint it. It's unlikely to protect against
malicious attempts, however.
Larry
I'd think that if a package author untainted data, you
should let him have it untainted. If the data wasn't untainted
CORRECTLY, that's a bug. But otherwise?
=Austin
--- "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> wrote:
> SUMMARY
>
> The 'untaintby' pro
SUMMARY
The 'untaintby' property restricts which modules may untaint the data or
data derived from that data.
DETAILS
I was recently using a module I downloaded from CPAN and looking through
the code I discovered that it untainted certain data that it had no
business untainting (I
