* Michael Mathews <[EMAIL PROTECTED]> [2006-06-02 15:25]:
> I believe I said "in Perl6 modules" not "in the language core"
> as you imply

My apologies; I misremembered the argument, and the PHP example
you gave only happened to reinforce my misconception.

I agree then; having clients for a few network protocols in the
core distro seems very important to me as well. (Since we’re on
that, I would also say that having some kind of very lightweight
XML writer, at minimum, is a necessity nowadays.)

> As for writing bad code that is therefore easy to exploit, I
> wasn't suggesting that either. I personally advise taint be
> turned on for ALL web code, but that's another thread I
> believe, and this one has already started to unravel. :-)

Well yes, failure to validate input is obviously the programmer’s
fault. However, the more implicit magic an API provides, the more
dangerous it is, and the more care is necessary when validating
data to be given to it. This is why IO::All gives me the willies,
f.ex., even as I understand and agree with Ingy’s motivations at
large. I haven’t used two-argument `open` in Perl either since
the three-argument form became available. Go look at what Dan
Bernstein says about APIs…

Aristotle Pagaltzis // <http://plasmasturm.org/>

Reply via email to