Hi Paul,

Paul Fenwick wrote:
> This means that the value of "taint only during testing" is directly
> proportional to the quality of your testing.  It's still enormously better
> than not using taint at all, but just don't let it lull you into a false
> sense of security.
>
> So please, use taint mode on your test machine, it's a really good idea, and
> it will improve your code.  But if you get the chance, try to use it on your
> production machine as well. ;)

Ah, I see your point...I suppose if it is turned off on the production 
server, it is putting a lot of pressure on me to test it properly.  I 
guess this isn't the same as turning debugging flags on for a C compiler...

Thanks a lot and thank you for your earlier e-mail too!  I'm working 
through that "Perl Security" document on your company's web site from 
this morning (was busy with something else throughout September).  Just 
got to the "three-argument open" section, so I actually know what you're 
talking about.  ;-)

Thanks again; great document, by the way!

Ray




_______________________________________________
Mason-users mailing list
Mason-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mason-users
