in reply to Insecure dependency in `` while running with -T switch

The problem is in the backticks. You'll need to untaint your word with regular expression match. One way to do it:

    my $_word = defined($_=shift) ? $_ : die "usage: $0 <word>\n";
    chomp($_word);
    my ($word) = $_word =~ /([[:alnum:]]+)/;

[download]

Perl thinks that $word might be dangerous, so it's trying to prevent you from performing what it thinks is an unsafe operation. See perlsec for details.

Cheers,
Ovid

New address of my CGI Course.

Replies are listed 'Best First'.
Re^2: Insecure dependency in `` while running with -T switch
by osirisgothra (Initiate) on Dec 09, 2014 at 15:28 UTC
    make sure you dont (i repeat dont) just use regexs as a transparent layer and compromise the purpose of taint, make sure you actually are checking the data properly for potential bad values, so avoid using /.*/ just to "shut up" the mechanism.
[reply]

In Section Seekers of Perl Wisdom