in reply to Re: Why do I need -w in a cgi script
in thread Why do I need -w in a cgi script

I concede! I'm an idiot!

I'd forgotten (or, more accurately, never noticed) that Taint would allow anything to be done with user-input prior to untainting it with a regex.

Tom Melly, tom@tomandlu.co.uk
  • Comment on Re: Re: Why do I need -w in a cgi script

Replies are listed 'Best First'.
Re: Why do I need -w in a cgi script
by Abigail-II (Bishop) on Oct 10, 2003 at 14:47 UTC
    Taint checking only prevents you from doing *insecure* things. Opening a file for reading isn't insecure - opening a file for writing is. If taint checking would disallow you to do anything, you wouldn't even be able to untaint it.

    Abigail

[reply]

In Section Seekers of Perl Wisdom