Dominique Quatravaux wrote:
Stas Bekman wrote:
Taken from perlsec(1):
sub is_tainted { return ! eval { join('',@_), kill 0; 1; }; }
Thanks Dominique, I'll try that.
Hmm, I can't find that in perlsec. which perl's manpage are you looking at?
Well it's section "Laundering and Detecting Tainted Data" in the perlsec man page, as shipped with RedHat 7.3 (Perl 5.6.1) and Debian stable (5.6.1) and testing (5.8.0).
that code is also the basis for Taint.pm - tom phoenix's Taint.pm, that is, not dan sugalski's:
http://search.cpan.org/src/PHOENIX/Taint-0.09/Taint.pm
the very long explanation in the BEGIN block off how it works is worth a read.
Thanks Geoff, looks like now we have devised an even better function (see p5p).
-- __________________________________________________________________ Stas Bekman JAm_pH ------> Just Another mod_perl Hacker http://stason.org/ mod_perl Guide ---> http://perl.apache.org mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com http://modperlbook.org http://apache.org http://ticketmaster.com
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
