comment on

ikegami++ for making me more paranoid than ever!

When I first saw your post, I thought "$0 is evil, well, of course it is!". Then I thought, hrm, but where's the $0? So I ran perldoc -m FindBin and sure enough, right there in the CORE of perl was a $0 lurking beneath the covers.

What scares me about this is the implication that I can trust no module unless I've personally vetted this exact version for issues. I suppose that's always been true but I used to count on the core to do the right thing when it comes secure programming. Now which modules does my latest catalyst project rely on? Do any of them use FindBin? Sigh.

I'm not seriously going to vet CPAN but you've made me realize the trust issues in using any module. I suppose there's more value to "reinventing the wheel" than most people think.

In reply to Re^4: Taint problems by rowdog
in thread Taint problems by gayathriAthreya

Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!

Titles consisting of a single word are discouraged, and in most cases are disallowed outright.

Read Where should I post X? if you're not absolutely sure you're posting in the right place.

Please read these before you post! —

Posts may use any of the Perl Monks Approved HTML tags:

a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr

You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)

	For:		Use:
	&		`&`
	<		`<`
	>		`>`
	[		`[`
	]		`]`

Link using PerlMonks shortcuts! What shortcuts can I use for linking?

See Writeup Formatting Tips and other pages linked from there for more info.