You really do not want to remove the -T switch. That switch turns on taint mode which helps prevent someone from taking over your script and making it do nasty things like wipe out your hard disk, remove key system files or run a DB query that will bring your website to its knees. There is a nice explanation here: http://gunther.web66.com/FAQS/taintmode.html

To perform system operations while in taint mode you have to make sure that any variable you have passed to those system functions has been validated and marked as untainted. To untaint data you pass it through a regular expression. The fields you extract from the regular expression will be marked as untainted, but the original data will continue to be tainted. The regular expression should validate the data, removing any unexpected characters.

For example,

# data expected to be a number
my ($iCount) = ($dataFromTheWeb =~ /^(\d+)$/);

# data expected to be a user name
my ($sUser) = ($dataFromTheWeb =~ /^(\w+)$/);

# data expected to be a server path (POSIX syntax)
my ($sPath) = ($dataFromTheWeb =~ /^([\w\/]+)$/);

# and so on...
[download]

If you aren't sure whether or not a variable has been de-tainted, you can call Scalar::Util::tainted($var). You must, of course, put use Scalar::Util at the top of your script under use strict; use warnings; and your other use statements, if it isn't there already.

To make system calls or run scripts/modules that make them, you also need to clear the environment (%ENV) of certain environment variables, in particular PATH. Taint mode wants to make sure it knows exactly which executable is being executed so anything that would allow a relative path to an executable (e.g. PATH) needs to go away, like this: $ENV{PATH} = '';

Put the -T back on the shebang line. Just run your script with -T on the command line, too.

Cache::Cache has been deprecated (well, no, not really). You should use CHI instead (yes, probably).

but I can't see how to change that path in File::Cache.

Both File::Cache and Cache::FileCache use the tmpdir() routine from File::Spec.  If you weren't running in taint mode, you could simply set the environment variable TMPDIR, but in taint mode, the variable is ignored. So, a quick hack around this would be to monkey patch Cache::FileCache's _Get_Temp_Directory() routine:

use Cache::FileCache;

{
no warnings 'redefine';
sub Cache::FileCache::_Get_Temp_Directory {
    return File::Spec->_tmpdir( '/home/username/tmp' );
}
}
[download]

The directory must exist, i.e. it isn't created by the call. Also note the underscore in _tmpdir. This is the routine which is normally (internally) called like this $self->_tmpdir( $ENV{TMPDIR}, "/tmp" );

Many thanks to all of you for your helpful responses!  Good to have you on the PerlMonks team.

Feel free to have a Christmas break now (I think you deserve it), and don't forget the reason for the season.

tel2