I suppose it's always a good practice to enable taint checking. It provides another layer of security. Also, in reality, most CGI programs are large or will get large eventually and as a result, you can never be 100% certain whether your code is secure.