in reply to Re^11: How to disable taint checking by Perl?
in thread How to disable taint checking by Perl?

This sounds very weird.

I note that . was reomoved from @INC in Perl 5.26, but this has nothing to do with taint mode. It would describe the symptoms you describe without needing to involve mythical ideas about how taint mode could work or how taint mode could always be enabled though.

Maybe simply putting . into @INC already solves your problem? Setting PERL_USE_UNSAFE_INC could be a band-aid for that issue. Also consider the code mentioned in the perldelta:

BEGIN {
    my $dir = "/some/trusted/directory";
    chdir $dir or die "Can't chdir to $dir: $!\n";
    # safe now
    push @INC, '.';
}
 
use "Foo::Bar"; # may load /some/trusted/directory/Foo/Bar.pm
do "config.pl"; # may load /some/trusted/directory/config.pl

[download]

See perl5260delta.pod

Replies are listed 'Best First'.
Re^13: How to disable taint checking by Perl?
by Polyglot (Chaplain) on Oct 26, 2023 at 08:06 UTC
    Corion,

    I dealt with this one awhile back. The discovery turned out to be that it is not possible to disable taint-checks on the path (@INC) post version 5.26; however, it is possible to appease taint, simply by setting the path. This is a step that was not required in earlier versions, but which is no longer optional as a result of taint. So while some may claim taint is not in use if not invoked, this is simply not the whole truth.

    See more on that here: Proper and acceptable use of backticks in a modern Perl script.

    Blessings,

    ~Polyglot~

[reply]

In Section Seekers of Perl Wisdom