[% setvar title Extend the window to turn on taint mode %]

This file is part of the Perl 6 Archive

Note: these documents may be out of date. Do not use as reference!

To see what is currently happening visit http://www.perl6.org/


Extend the window to turn on taint mode


  Maintainer: Adam Turoff <ziggy@panix.com>
  Date: 14 Sep 2000
  Last Modified: 18 Sep 2000
  Mailing List: perl6-internals@perl.org
  Number: 227
  Version: 2
  Status: Frozen


Taint mode must be turned on when Perl is invoked. This is frequently done using:

	perl -T foo.pl

or using a preamble like this:

	#!/usr/bin/perl -T

However, using the #! mechanism to turn on tainting causes problems with other perl idioms, such as:

	perl -c foo.pl

This dependency should be removed.


According to the perlrun manpage description of the -T runtime flag:

    [...] For security reasons, this option must be
    seen by Perl quite early; usually this means it must
    appear early on the command line or in the #! line
    for systems which support that construct.

Perl complains when the -T flag is used with the #! mechanism, and perl is explicitly invoked on the commandline without the -T flag:

    $ cat foo.pl
    #!/usr/bin/perl -T
    print "Success!\n";

    $ perl foo.pl 
    Too late for "-T" option at foo.pl line 1.

    $ perl -c foo.pl
    Too late for "-T" option at foo.pl line 1.

    $ perl -Tc foo.pl
    foo.pl syntax OK

    $ perl -T foo.pl

This RFC proposes that when Perl is explicitly invoked on the commandline, and runs a script that contains the -T option on the #! line, Perl should just turn on taint mode and not complain about it.


No objections were raised on fixing the issue of fixing the order in which parameters are scanned from the commandline invocation of perl and the runtime flags found on the #! line.

Discussion quickly came up with a series of improvements to the taint interface. These issues could be generalized, and will wind up in a subsequent RFC. None of these issues specifically impacts processing of the -T commandline option.




Dan Sugalski came up with some interesting ideas of setting explicit precedences for each commandline option. In this manner, the options specified on the commandline and in the #! line can be unified and processed in an intelligent, intuitive manner, regardless of how the internals are structured.

A possible set of precedence rules might be:

	-M -T -U (load-time flags)
	-n -p  (run-time flags)


perlsec manpage

perlrun manpage

Dan Sugalski's thoughts on commandline switch precedence: www.mail-archive.com