in reply to Re: When not to use taint mode
in thread When not to use taint mode

> So, there's no good reason not to use it, but lazyness and impatience.

I disagree, it always depends on the use case.

If I just write a script which converts one text file into another, it's overkill.

If I write a CGI or something with root rights or generally with foreign user input, it's mandatory.

Cheers Rolf
(addicted to the Perl Programming Language :)
Wikisyntax for the Monastery

PS: it's more or less the same reason why we don't use strict on one-liners.

Replies are listed 'Best First'.
Re^3: When not to use taint mode
by shmem (Chancellor) on Jun 14, 2021 at 16:47 UTC

    Okay,okay - no such thing as something obvious.

    If I just write a script which converts one text file into another, it's overkill.

    And certainly this applies for one-liners also. I've never started a one-liner with perl -Te :)

    If I write a CGI or something with root rights or generally with foreign user input, it's mandatory.

    I use taint mode in any software pertaining to business, and most certainly in scripts which are not user driven, such as glue stuff for critical automation. It doesn't exempt me from looking closely at the modules I use, but it catches dangerous stuff even there.

    perl -le'print map{pack c,($-++?1:13)+ord}split//,ESEL'
[reply]
[d/l]

In Section Seekers of Perl Wisdom