No such thing as a small change | |
PerlMonks |
Re: Security techniques every programmer should knowby ihb (Deacon) |
on Dec 27, 2004 at 23:45 UTC ( [id://417663]=note: print w/replies, xml ) | Need Help?? |
Taint mode does not help against null bytes (or any other bytes) in your read_file "$page.html" example. Reads are not checked for tainted data. Writes are though, so write_file "$page.html" would've been stopped by the -T switch. In short, I'd like to add this: Don't think -T will do the job for you! Just think it may help you if you slipped up. ihb
See perltoc if you don't know which perldoc to read!
In Section
Meditations
|
|