I wasn't aware of ${^TAINT} - that is nice. Any of the modules that have an is_tainted function can be passed known "bad data" such as join("",$0,%ENV,@ARGV) or a few characters from /dev/urandom. But each of these is_tainted functions have to probe by trying to do something bad. Some use eval "#$baddata", others try and do kill 0 * $baddata. It would be nicer to just check the flag. It would be even nicer if I can set the flag to on (knowing I can't turn it off). I think I'll go give it a try.
perl -T -e 'print "(${^TAINT})\n";'
Works on perl 5.8.5 but not on 5.6.0.
my @a=qw(random brilliant braindead); print $a[rand(@a)];