jon at endpoint.com
Wed Mar 18 02:53:49 UTC 2009
Correct me if I'm wrong, but Interchange has never run in Perl's taint
mode. It looks like the last time -T mode was used was MiniVend 1.01.
If that's right, there are several apparently needless untainting routines
in the Interchange codebase that we should be able to remove, mostly in
Vend::Config and Vend::Search.
There's also one in Vend::Server, but that is probably useful for other
reasons and the comment just needs to be removed.
There's one in scripts/restart.PL too, and that doesn't run in taint mode
Does anyone know of a reason we shouldn't remove these?
End Point Corporation
More information about the interchange-users