"Gabriel Genellina" <[EMAIL PROTECTED]> writes: > I suppose you don't intend to publish the SafeString class - but if > anyone can get a SafeString instance in any way or another, he can > convert *anything* into a SafeString trivially.
The point (in Perl) of detecting taint isn't to prevent a programmer from deliberately removing the taint. It's to help the programmer find places in the code where taint accidentally remains. > And tainted() returns False by default????? > Sorry but in general, this won't work :( I'm inclined to agree that the default should be to flag an object as tainted unless known otherwise. -- \ "On the other hand, you have different fingers." -- Steven | `\ Wright | _o__) | Ben Finney -- http://mail.python.org/mailman/listinfo/python-list