Taint: What it seems to be

On 22 May 2008, I gave a micro-talk to the Atlanta Perl Mongers on Perl's Taint Mode. The talk gives a broad overview of taint mode including its purpose, how to invoke it, differences from normal operation, and how to deal with "tainted" data. Three simple examples are presented including a script vulnerable to a code injection attack. This talk is intended for an audience familiar with Perl. A handout for the talk is available for download in Acrobat (.pdf) format.

[Handout for "Taint: What it seems to be" talk (98 KB)]

Revision history:

23 May 2008: minor corrections to the examples

22 May 2008: original handout

This document is licensed under the Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 License.