Taint

Learn about taint, the sticky piece of metadata that comes from outside our programs.

We'll cover the following

Using taint mode
Sources of taint
Removing taint from data
Removing taint from the environment
Taint gotchas

Some Perl features can help us write secure programs. These tools are no substitute for careful thought and planning, but they reward caution and understanding and can help us avoid subtle mistakes.

Taint mode (or taint) is a sticky piece of metadata attached to all data that comes from outside our program. Any data derived from tainted data is also tainted. We may use tainted data within our program, but if we use it to affect the outside world—if we use it insecurely—Perl will throw a fatal
exception.

Get hands-on with 1200+ tech skills courses.

Introduction to Modern Perl

The Perl Philosophy

Perl Identifiers and Variables

Control Flow: Conditionals and Looping

Data Structures

Packages and References

Operators

Functions

Regular Expressions and Matching

Objects

Style and Efficacy

Managing Real Programs

Perl Beyond Syntax

What to Avoid

Perl and Its Community

Next Steps with Perl

Appendix

Taint