User:PJF/Taint mode and Modern::Perl
From PerlNet
G'day Chromatic,

Today you wondered if Modern::Perl should enable taint mode. Unfortunately, my response wouldn't fit into 140 chars, so you're getting it via e-mail. Feel free to republish or publicly discuss this mail if you wish.

I feel that Modern::Perl should enable all the modern features and pragmas that are desirable in modern Perl programs, and (ideally) should disable or remove features that are undesirable. Right now all my programs start with:

    use strict;
    use warnings;
    use 5.010;
    use autodie;

Currently I can reduce this to:

    use Modern::Perl;
    use autodie;

and this is a great improvement. If I wanted to get really lazy, I'd combine the two into Modern::Paul. ;)

So currently, Modern::Perl makes my life easier. However, if it comes to enabling taint mode, that starts to be a bit more murky.

Firstly, there's the problem in enabling taint mode to begin with. Perl *needs* to start with the -T switch in order to be effective. Enabling taint at runtime (e.g., using Taint::Runtime) breaks many of taint's assumptions. If taint is enabled at run-time, then any data already read, all of %ENV, all of @ARGV, and anything else that should be tainted, isn't. Perl has already walked through PERL5LIB and PERL5OPT and loaded up untrusted modules and executed code.

Easy, one may say, Modern::Perl can just ensure that Perl was started in taint mode. It's a nice idea, but unfortunately it will stop people from using Modern::Perl. Taint mode, as a rule, is a pain in the arse. It's *worth* being a pain in the arse for the benefits it provides when you want them, but it typically means, depending upon the developer:

* One spends a lot more time thinking about data and validation and regexps, and what to do when we validate without regexps, and what to do when we have regexps which are not used for validation.

OR:

* One sidesteps the whole taint problem by using bulk untainting mechanisms which defeat the whole point of taint, but result in extra work.

Because of the all-or-nothing approach to Perl's taint mode, if one wishes to use Modern::Perl inside a module, then one needs to use taint mode for the program that uses it. Because taint mode is all-or-nothing, there are some existing CPAN modules that just break (or require large workarounds) when taint mode is enabled; these can't be used in a Modern::Perl program either. The end result is that a lot of developers will start to avoid using Modern::Perl, because the taint headaches are too large.

I think it's much better for Modern::Perl to do the right thing for the overwhelming majority of cases, and allow individual developers to type the extra two keystrokes for taint mode when they deem it necessary.

All the very best,

Paul
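The two points the mail makes, that taint only marks data read after perl started with -T, and that a bulk untaint strips the flag without validating anything, as an added example that is not part of Paul's message or of Modern::Perl. The script name taint_demo.pl and both untaint routines are assumptions for this illustration; run it as `perl -T taint_demo.pl NAME` and then again without -T and compare what is reported as tainted.

```perl
#!/usr/bin/perl -T
# taint_demo.pl (assumed name): reports which inputs Perl marks as tainted
# and contrasts a bulk untaint with a validating one.
use strict;
use warnings;
use Scalar::Util qw(tainted);

# ${^TAINT} is 1 when perl was started with -T and 0 otherwise. Data that
# was read before taint was switched on is never retroactively tainted,
# which is why a pragma loaded at compile time cannot substitute for -T.
printf "taint checking: %s\n", ${^TAINT} ? 'on' : 'off';

# Bulk untaint: the pattern accepts any string, so the capture removes the
# taint flag while validating nothing. This is the "sidestep" the mail
# describes as defeating the whole point of taint.
sub untaint_bulk {
    my ($value) = @_;
    my ($clean) = $value =~ /\A(.*)\z/s;
    return $clean;
}

# Validating untaint: accept only a plain file name made of word characters,
# dots and dashes that starts with a word character, so "../etc/passwd",
# "-rf" and "" are all rejected (returns undef).
sub untaint_filename {
    my ($value) = @_;
    return unless defined $value;
    my ($clean) = $value =~ /\A(\w[\w.-]*)\z/;
    return $clean;
}

my $name = $ARGV[0];
die "usage: perl -T $0 FILENAME\n" unless defined $name;

# Under -T every value that came from outside the program is tainted;
# without -T the very same values are reported as clean.
for my $pair (['$ENV{PATH}', $ENV{PATH}], ['$ARGV[0]', $name]) {
    printf "%-10s tainted=%d\n", $pair->[0], tainted($pair->[1]) ? 1 : 0;
}

my $bulk = untaint_bulk($name);
printf "bulk untaint gives '%s', tainted=%d\n", $bulk, tainted($bulk) ? 1 : 0;

my $safe = untaint_filename($name);
if (defined $safe) {
    printf "validated name '%s', tainted=%d\n", $safe, tainted($safe) ? 1 : 0;
} else {
    print "rejected: '$name' is not a plain file name\n";
}
```

Both untaint routines return an untainted value for an innocent name; only the validating one refuses a path such as `../etc/passwd`, which is the extra thinking about data and regexps the mail refers to.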

