Perl and tainted data


Megan
May 30, 2002, 04:15 pm
Has anyone worked with the taint/untainting supported by Perl? I'm slogging through O'Reilly's "Programming Perl", and am more than a bit lost. "Learning Perl" has nothing though. I'd like to find a reference book either devoted to this, or something with extensive coverage and full explanation, rather than 10 pages of very advanced coverage.

manunkind
May 30, 2002, 10:22 pm
Megan,

Not one book out there really uses beginner terms when explaining this. I found a few pages on the net that do pretty good.

First, learn as much as you can about regexes. Most un-tainting is done by matching.

Second, read through this page: http://gunther.web66.com/FAQS/taintmode.html. It's a pretty thorough FAQ on tainted data.

Third, a Perl programmer should never write scripts for the net without reading through this page by Lincoln D. Stein: http://www.w3.org/Security/faq/. Concentrate on the section called Safe Scripting in Perl.
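
An added illustration of the point that most untainting is done by matching; it is not part of the original thread, and `untaint_filename` and the sample inputs are constructed for the example:

```perl
#!/usr/bin/perl -T
# Run as: perl -T untaint.pl   (-T switches taint mode on)
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Hypothetical helper: return an untainted copy of $value if it is a plain
# file name, otherwise undef. Perl only clears the taint flag on text
# captured by a regex group ($1, $2, ...), so the pattern IS the validation.
sub untaint_filename {
    my ($value) = @_;
    return unless defined $value;
    # Allowlist: letters, digits, "_", "." and "-", no leading dot, 1..64 chars.
    # \A and \z anchor the whole string; \z, unlike $, rejects a trailing newline.
    if ($value =~ /\A([A-Za-z0-9_][A-Za-z0-9_.-]{0,63})\z/) {
        return $1;
    }
    return;
    # Anti-pattern: /(.*)/ also "untaints", but accepts everything and
    # throws away the protection taint mode was providing.
}

# Constructed sample inputs. String literals are never tainted, so a
# zero-length piece of $^X (tainted under -T) is appended to make them
# behave like data that arrived from outside the program.
my $taint   = substr($^X, 0, 0);
my @samples = map { $_ . $taint }
    ('report.txt', '../../etc/passwd', 'notes.txt; id', "log.txt\n");

for my $raw (@samples) {
    (my $shown = $raw) =~ s/\n/\\n/g;    # make the newline visible in output
    my $clean = untaint_filename($raw);
    if (defined $clean) {
        printf "%-20s tainted=%d -> accepted, tainted=%d\n",
            $shown, tainted($raw) ? 1 : 0, tainted($clean) ? 1 : 0;
    }
    else {
        printf "%-20s tainted=%d -> rejected\n",
            $shown, tainted($raw) ? 1 : 0;
    }
}
```

Only the first sample matches the allowlist; the path traversal, the shell metacharacters and the trailing newline are rejected and stay tainted.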

Megan
May 30, 2002, 10:50 pm
ty! I'll work my way through that stuff tomorrow (and the day after, and the day after that....<g>)