Hello, how do I set the taint mode in a perl script with a
#!/usr/bin/env perl
shebang?
views:
169answers:
2
+1
A:
Since taint mode can only be enabled via the -T flag, and env won't accept any flags in a shebang line, your best option is to run the program via perl -T script.pl rather than executing the script directly.
If you absolutely need to enforce taint mode in the shebang, you could make a taintperl script somewhere in your PATH (e.g. /usr/local/bin) with the following contents:
#!/bin/sh
/usr/bin/env perl -T
Then in your Perl script, have
#!/usr/bin/env taintperl
rjh
2010-03-27 11:02:31
On many OSs, you cannot use an interpreted script as a script interpreter. You would have to do this in a compiled language, e.g. C
Gavin Brock
2010-03-27 11:31:33
+5
A:
You can pass the PERL5OPT environment variable on the shebang line:
#!/usr/bin/env PERL5OPT=-T perl
This seems all rather backwards to me.
Another option, is to re-execute the script under taint mode if you detect it's not on:
#!/usr/bin/env perl
warn 'Taint mode is '.(${^TAINT} ? 'on' : 'off'); # For debugging
exec($^X,'-T',$0,@ARGV) unless ${^TAINT};
# do stuff under taint mode here
Obviously, this is a major startup performance hit.
Gavin Brock
2010-03-27 11:23:43