Tk is supposed to work when tainting is enabled (I knew this because there is a Tk::tainting() function that is used to skip certain steps when tainting is turned on).

You are lucky in that the first Tk script I tried exhibited the same problem. Going against the advice of saints and savages I quickly decided to jump into the debugger to figure out where the problem really was.

I quickly found and fixed the problem (OK, if you really hate debuggers for debugging, I suggest you tackle this particular problem on your own without using the debugger and see if you can find the problem in 5 minutes like I did -- seriously). The following paragraph tells how to fix the problem but is obscured for those who want to "take the challenge". Simply "download code" or cut'n'paste to get the solution (or just "select" the area and the colors will change so that the text is visible). 

In Tk.pm, find "sub TranslateFileName" and insert the
following line as the last line of the "unless" block
(making it line 353 in my copy of Tk.pm):
$Home = ( $Home =~ m#^([-\w/.:,]+)# )  if  Tk::tainting;

[download]

Now if I can just manage to produce and submit a patch. ):

        - tye (but my friends call me "Tye")

In reply to (tye)Re: Tk and taint by tye
in thread Tk and taint by ichimunki

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.