----- Original Message -----
From: "Patrick LeBoutillier" <patrick.leboutill...@gmail.com>
- Do other modules have these kinds of features/modes?
It doesn't really apply to other modules, as the compilation (of any XS code
that they contain) has already been done before the module is loaded (used)
in a script.
- Is it a "norm" for module authors to test with -T and make sure
everything is safe?
Certainly not the norm for me :-)
- Also, is blindly untainting everything really the way to do it?
I expect it's just untainting the building of the Inline::C component. The
same could be achieved by running the script twice (first without -T and
then with -T), though you might also want to modify the perl code between
those 2 runs (so that the script doesn't do anything dangerous when run for
the first time without -T).
I would think that the UNTAINT option was added to Inline with the intention
of enabling the running of an Inline::C script in taint mode, but without
having to go to the trouble of the above "run-it-twice" approach. And I
would think that's *all* it is intended to provide. (If one is not satisifed
with that, then one is always free to make one's own arrangements.) And that
would all be fine by me ... if it worked. But it doesn't currently work,
possibly because the constraints imposed by -T have been tightened over the
last few years. Or maybe it never worked to begin with - I don't think there
were ever any tests for it.
By my thinking, if Inline offers that UNTAINT option, it should work as
intended. If it doesn't work as intended it should be either fixed or
removed. (I just wish someone else would fix it, that's all :-)
Thanks Patrick.
Cheers,
Rob
