[Tutor] [support@deltawebhosting.com: Re: Python cgi
Danny Yoo
dyoo at hkn.eecs.berkeley.edu
Thu Dec 25 14:27:13 EST 2003
> Perl has a "taint" mode, in which variables can be classified as secure or
> insecure ("tainted"), based on whther their content comes, directly or
> indirectly, from user input. In this mode, a tainted variable cannot be
> used in any statement that modifies a file or process.
There's some good information on Perl's 'taint' mode here:
http://www.w3.org/Security/faq/wwwsf4.html#CGI-Q15
http://gunther.web66.com/FAQS/taintmode.html
It is a Python feature request (feature request #500698), so there's a
possibility that that Python might adopt this concept some day.
https://sourceforge.net/tracker/?func=detail&atid=355470&aid=500698&group_id=5470
Happy holidays!
More information about the Tutor
mailing list