I, too, have seen and supported a lot of crufty Perl code (created some, too, in the day). One reason we see so much of that is that Perl is indeed easy to pick up and use--you can get a lot done at a low level of expertise.

My experience has been that security is a concern, but only one of many concerns. Ease of use and speed usually won out over security when they came into conflict--and that's not necessarily a bad thing. Not everything must be bulletproof.

I know some stuff I've written wasn't perfectly secure. For instance, when I've written little file manipulation scripts for use in controlled situations, they haven't always been sophisticated. They didn't need to be, either.

When I was in the last job, at a very large corporation, I found that I could make things as good as I cared to make them (time constraints did often crowd my style), and that, over time, I could influence others' standards.

The advice given elsewhere in this thread about proper use of buzzwords to get support in company politics for good practices is exactly right--I've done the same and benefited by it. I realize that even saying the phrase "company politics" causes many people to get out the garlic and the wooden stakes and, if they could only get enough of them and use them with sufficient efficiency--but they can't, so we must learn to live with the monster.

(I've learned to live with it...if you can avoid it, send notes on your method--I'm willing to learn.)

I've never worked anywhere that came up to my highest standards, nor ever produced work that came up to those standards--yet I've worked on some hot teams, and done some fine work. I just happen to have very unrealistically high standards, which, if you happen to have a personality that allows you to hold standards like that without perpetually beating yourself up over falling short of them, are not a bad way to keep yourself aimed at the top.