This is a live mirror of the Perl 5 development currently hosted at https://github.com/perl/perl5
Document the new taint behaviour of exec LIST and
authorJarkko Hietaniemi <jhi@iki.fi>
Sun, 24 Feb 2002 19:45:43 +0000 (19:45 +0000)
committerJarkko Hietaniemi <jhi@iki.fi>
Sun, 24 Feb 2002 19:45:43 +0000 (19:45 +0000)
system LIST.

p4raw-id: //depot/perl@14854

pod/perldelta.pod

index 74c1ce6..52f9315 100644 (file)
@@ -485,6 +485,15 @@ This is not a substitute for -T.>
 
 =item *
 
+In other taint news, the C<exec LIST> and C<system LIST> have now been
+considered too risky (think C<exec @ARGV>: it can start any program
+with any arguments), and now the said forms cause a warning.
+You should carefully launder the arguments to guarantee their
+validity.  In future releases of Perl the forms will become fatal
+errors so consider starting laundering now.
+
+=item *
+
 If tr/// is just counting characters, it doesn't attempt to
 modify its target.