That would be ALL of it wouldn't it? <G>
Anyway, I'm still not sure how the hello world script violates the use
of tainted data... it just goes to STDOUT (browser).
If I understand this correctly, I've got to run *all* my user input
through a regex and use the resultant $1, $2 parts as my data? What
about data from an SQL db via DBI, is that "pre-tainted"?
Thanks, John.
PS The updated guide is very nice. (Maybe my problem is I shouldn't be
reading the guide, the panther book, the ram book, and the eagle book,
all at the same time. <G>)
> -----Original Message-----
> From: Stas Bekman [mailto:[EMAIL PROTECTED]]
> Sent: Monday, January 10, 2000 4:34 PM
> To: John Walker
> Cc: '[EMAIL PROTECTED]'
> Subject: Re: Hey, that ain't tainted, is it?
>
>
>
> % perldoc perlsec
> -- is what you are looking for. it's all there...
[...]
