November 30, 2010
Tainted Perl: For Your Dirtiest Input
By Bryan Young
When writing a program that relies on data coming from outside sources, it is always a good idea to place checks on your data to make sure that there is no funny business going on. There are various ways of doing this, and a good programmer knows to add them in. There is always room for improvement though, and everyone makes mistakes. One thing you can do to ensure that no bad data is getting through to your system is to run your Perl program in Taint Mode.

Taint Mode is a command line option that secures your Perl programs by requiring all data from outside sources to be passed through a regular expression before it can be used in certain kinds of expressions. According to perlsec in the Perl documentation, "Tainted data may not be used directly or indirectly in any command that invokes a sub-shell, nor in any command that modifies files, directories, or processes, with the following exceptions:" "print and syswrite", "symbolic methods" and "hash keys".
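The behaviour described above, as an added example that is not from the original article: input read from a filehandle is tainted, a file-modifying call refuses it, and a capture from an allow-list regular expression yields an untainted copy. The script name, the sample lines under `__DATA__` and the placeholder directory are assumptions made for the demonstration; run it with `perl -T`.

```perl
#!/usr/bin/perl
# Added example; run it as:  perl -T taint_demo.pl  (file name is an assumption)
use strict;
use warnings;
use Scalar::Util qw(tainted);

die "Taint mode is off; run with: perl -T $0\n" unless ${^TAINT};

# Allow-list for a bare file name: word characters, dots and hyphens only,
# no path separators. A capture group from a successful match is untainted.
sub untaint_filename {
    my ($name) = @_;
    return $name =~ /\A([\w-]+(?:\.[\w-]+)*)\z/ ? $1 : undef;
}

# Sink: opening a file for writing is checked by taint mode. The directory
# is a placeholder assumed not to exist, so a permitted open fails harmlessly
# and nothing is ever written.
sub try_open {
    my ($name) = @_;
    my $ok = eval { open(my $fh, '>>', "/nonexistent-taint-demo/$name"); 1 };
    return 'allowed by taint mode' if $ok;
    (my $err = $@) =~ s/ at .*//s;    # drop the "at FILE line N." suffix
    return "blocked ($err)";
}

# Constructed sample input. Lines read from a filehandle are tainted.
while (my $line = <DATA>) {
    chomp $line;
    printf "input '%s' tainted=%s\n", $line, tainted($line) ? 'yes' : 'no';
    print  "  raw:   ", try_open($line), "\n";

    my $clean = untaint_filename($line);
    if (defined $clean) {
        print "  clean: ", try_open($clean), "\n";
    }
    else {
        print "  clean: rejected by allow-list, never reaches the sink\n";
    }
}

__DATA__
report-2010-11.txt
../../etc/passwd
notes.txt; echo injected
```

Taint mode only checks that the value came out of a capture group, not that the pattern is strict: a pattern such as `(.*)` would untaint all three lines, so the allow-list itself is where the validation happens.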

Interested in contributing to the Perl community?
Can you write expert articles and news addressing the latest changes in Perl Development? If so, we are looking for you. Contact techwriters@ientry.com.
Today's Top Videos:
Patience, Self-Promotion Key In Blogging
There may be lots of ways for a blogger to achieve success, but there are also more than a few in which things can go wrong. At BlogWorld, Anita Campbell gave tips that should help steer...
Place Search: Google's New Local Search
Google recently changed everything with local, according to Brian Combs, the CEO and Founder of ionadas. For approximately the past 2 years, Google had been running the 7-pack...
Is Your Landing Page Performing Effectively?
Although landing page optimization is not a new concept, so many marketers are not applying it correctly. As Janet Driscoll Miller of Search Mojo explains, marketers and advertisers need...
Recent Articles:
Improved Exception Handling In Perl 5
Exception handling, or simply error handling, in Perl 5 has always been a matter of using eval on statements and then using conditional statements to check special variables for any possible error codes and responding appropriately. Many pitfalls exist in this method, including the scope of the special variables or their state, and the ancillary code can make readability and maintenance more troublesome.

Most other languages have certain exception handling constructs, namely try-catch-finally blocks, and indeed...
An Alternative To LWP And LWP::Parallel
The benefit of using a Perl library is that you can instantly tap the knowledge and experience of one or more programmers who have already sought out and accomplished what you wish to harness from a given library.
Parallel HTTP And FTP Through LWP
I was recently working on a project where I needed to occasionally download many different files from an internet server all at the same time, then process them as a whole. The normal process caused a serious bottleneck...
Method Signatures Make Large Projects More...
In many other languages, a function or method states upfront exactly what parameters it expects in order to successfully execute. Along with its name, this is called the "signature" of the function or method. A programmer...
-- PerlProNews is an iEntry, Inc. publication --
iEntry, Inc. 2549 Richmond Rd. Lexington KY, 40509
2010 iEntry, Inc. All Rights Reserved Privacy Policy Legal