Re: [FWP] untainting fun

[Adam Rice <wysiwyg@glympton.airtime.co.uk>]

Quoting Yitzchak Scott-Thoennes (sthoenna@efn.org):
> Tom C recently pointed out a bug that allows this to work:
> 
> sub untaint(@) { ($_)=keys%{{$_,0}} for @_; @_ }
> 
> Of course, this may be fixed someday.

a) It's not a bug, it's a feature :-)
b) I'm not sure it's desirable to fix it

Experienced Perl programmers know that hash keys are not as other scalars.
And inexperienced Perl programmers, who might most benefit from a fixing of
this oversight, usually confine their interest in the tainting system to how
to turn it off.

Adding a tainting flag to every hash key would be a clear performance hit.
Adding a hash-wide flag covering all the keys might work, but I think it
would seem annoyingly like action-at-a-distance.

If I had my way, they'd just document it somewhere and forget about it :-) I
spend enough of my time worrying about the performance hit from the useless
new threading and regexp extensions, I don't need to lose sleep about this
as well.

-- 
Adam Rice -- wysiwyg@glympton.airtime.co.uk -- Blackburn, Lancashire, England

==== Want to unsubscribe from Fun With Perl?  Well, if you insist...
==== Send email to <fwp-request@technofile.org> with message _body_
====   unsubscribe