in reply to (Ovid) Re: Stuck
in thread Stuck

Just out of curiosity, why are you worried about un-tainting $where if you're just using it for comparisons and no system operations? Or is this just a safety net in the event the original poster does wish to use $where in a risky way?

(Ovid - why untaint when you don't need to) Re(3): Stuck
by Ovid (Cardinal) on Dec 16, 2000 at 09:37 UTC
    That's a good question and it's just indicative of paranoia on my part. I tend to untaint data regardless of how it's going to be used at the present time. I don't know who will be maintaining my work in the future and what they're going to be doing with it, so rather than take any chances, I'd like to cover that up front. It's the same reason I turned on taint checking when it's not needed -- I never know who will use this script in the future.

    Good question, though. It's a matter of style. I just prefer to be ultra paranoid -- after all, they're watching me ;)

    Cheers,
    Ovid

    Join the Perlmonks Setiathome Group or just click on the link and check out our stats.
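
An added illustration of the exchange above (not part of either post, and not the original poster's script): under `-T`, comparing a tainted `$where` is allowed, while a later file write that uses it is refused, which is the future-maintenance case the reply describes. The allow-list pattern, the sample values and the `/tmp` path are assumptions, since the thread does not show what `$where` holds.

```perl
#!/usr/bin/perl -T
# Added illustration, not code from the thread. Run as: perl -T taint_demo.pl
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Constructed input: appending a zero-length slice of %ENV data (tainted
# under -T) marks each string tainted, as a CGI parameter would be.
my $taint   = substr(join('', values %ENV), 0, 0);
my $where   = 'north' . $taint;            # assumed: $where is a short keyword
my $hostile = '../../etc/motd' . $taint;   # constructed bad value

# Allow-list untaint: only a regex capture clears the taint flag.
sub untaint_where {
    my ($raw) = @_;
    return $raw =~ /\A([a-z]{1,16})\z/ ? $1 : undef;
}

# What a future maintainer might add: using $where in a file name.
sub try_write {
    my ($name) = @_;
    my $path = "/tmp/where-$name.log";     # constructed path
    my $ok = eval {
        open(my $fh, '>', $path) or die "open failed: $!\n";
        close $fh;
        unlink $path;
        1;
    };
    return 'allowed' if $ok;
    chomp(my $err = $@);
    return "blocked ($err)";
}

# Today's use: a comparison, which taint mode does not restrict.
printf "tainted?         %s\n", tainted($where) ? 'yes' : 'no';
printf "comparison:      %s\n", $where eq 'north' ? 'runs fine' : 'no match';

# Tomorrow's use: a write with the still-tainted value dies under -T.
printf "write (tainted): %s\n", try_write($where);

# Untainting up front: good input passes, anything else is rejected.
for my $raw ($where, $hostile) {
    my $clean = untaint_where($raw);
    print defined $clean
        ? "untainted '$clean': " . try_write($clean) . "\n"
        : "rejected input, nothing to use\n";
}
```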