On Mon, Oct 20, 2003 at 10:27:34PM -0700, Michael G Schwern wrote:
> On Tue, Oct 21, 2003 at 12:24:03AM -0500, Dave Rolsky wrote:

> > Not to mention that it's buggy as hell.  For example, in various versions
> > of Perl I've used there have been rather serious bugs in the regex engine
> > when taint mode is on, even when dealing with untainted variables!
> 
> I've never hit anything like this.  Do you have examples?

http://rt.perl.org/rt2/Ticket/Display.html?id=24248

variations on the theme of

#!perl -T
{
  local $ENV{PATH} = "/bin";

  my $r = "foo";

  $ARGV[0] =~ /($r)/;

  my $c = "echo $1";
  system $c;
}
__END__

http://rt.perl.org/rt2/Ticket/Display.html?id=22270

where I don't agree with any of the explanations (IIRC) and stand by the
bug. (But ran out of time to find a better explanation)

Nicholas Clark
