pbeckingham has asked for the wisdom of the Perl Monks concerning the following question:

My code failed code review because of the claim that when the -T taint flag is used, it must always be the first flag on the shebang line. I did not know this, or in other words, I don't believe this, because I cannot find any supporting documentation.

Does anyone have any reasons why I would either accept this requirement, or challenge it?

Update: I am also required to remove the -w option from the shebang line for production code. Is this also a good idea?

Re: Ordering of taint option -T
by jeffa (Bishop) on Jun 07, 2004 at 19:37 UTC

    According to perlrun:

    For security reasons, this option must be seen by Perl quite early; usually this means
    it must appear early on the command line or in the #! line ...
    
    And that makes sense, since the switches are parsed first come, first served. Also, many places require warnings to be "turned off" for production code, as using them does require a few more CPU cycles -- some places, however, turn them off because the plethora of warnings being sent out to their error logs is overwhelming. :P

    jeffa

    L-LL-L--L-LL-L--L-LL-L--
    -R--R-RR-R--R-RR-R--R-RR
    B--B--B--B--B--B--B--B--
    H---H---H---H---H---H---
    (the triplet paradiddle with high-hat)
    
Re: Ordering of taint option -T
by chromatic (Archbishop) on Jun 07, 2004 at 19:51 UTC

    If you look in perl.c at the S_parse_body() function, you'll see the loop that checks for switches. There's no particular ordering required, at least for taint and baby taint.

    However, if this function only sees a taint flag after you've already invoked perl and it's already processed command-line arguments, the too late for taint macro will take over and exit. As far as I can tell, however, this has absolutely nothing to do with the position of a taint switch within the shebang line and everything to do with when and how you invoke the interpreter.