good chemistry is complicated, and a little bit messy -LW |
|
PerlMonks |
Re: Re: Trojan Horse? (taint mode)by IraTarball (Monk) |
on Nov 26, 2001 at 21:37 UTC ( [id://127590]=note: print w/replies, xml ) | Need Help?? |
The context is general knowledge. This all started when I read the passage I tersely quoted and blakem included in full. It's not to solve a specific implementation problem, but rather to ensure understanding so that I can avoid specific implementation problems.
I can't figure out why you would ever want to execute/eval untainted CGI input as-is Yeah, that does sound dangerous. That's why the quoted material caught my attention. It seemes to imply that code could be evaluated without my express permission but instead simply because I put it in double quotes. That kinda freaked me out. Thanks, Ira,
"So... What do all these little arrows mean?"
In Section
Seekers of Perl Wisdom
|
|