diff options
author | Neil Bowers <neilb@neilb.org> | 2022-03-16 23:50:01 +0000 |
---|---|---|
committer | Paul Evans <leonerd@leonerd.org.uk> | 2022-04-20 11:38:21 +0100 |
commit | 7c90a9467d090b303d2a2b8745b0fad04426d07b (patch) | |
tree | 3299ce72fe77548e70918d473feddc58dfc5803c /pod/perllocale.pod | |
parent | 774c7748146e99348eefc95bc735a36a2626d090 (diff) | |
download | perl-7c90a9467d090b303d2a2b8745b0fad04426d07b.tar.gz |
Doc changes to reflect that perl might not support taint
The central doc change is in perlsec.pod. This not only explains
that you can build a perl that doesn't support taint,
but shows how you can check whether your perl supports taint or not.
The other doc changes are mainly to note that taint might not
be supported, and to refer the reader to perlsec for more details.
Diffstat (limited to 'pod/perllocale.pod')
-rw-r--r-- | pod/perllocale.pod | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/pod/perllocale.pod b/pod/perllocale.pod index 932a9efd9d..14a5bcb65f 100644 --- a/pod/perllocale.pod +++ b/pod/perllocale.pod @@ -341,8 +341,9 @@ nested, and that what is in effect within an inner scope will revert to the outer scope's rules at the end of the inner scope. The string result of any operation that uses locale -information is tainted, as it is possible for a locale to be -untrustworthy. See L</"SECURITY">. +information is tainted (if your perl supports taint checking), +as it is possible for a locale to be untrustworthy. +See L</"SECURITY">. Starting in Perl v5.16 in a very limited way, and more generally in v5.22, you can restrict which category or categories are enabled by this @@ -1157,9 +1158,14 @@ Perl cannot protect you from all possibilities shown in the examples--there is no substitute for your own vigilance--but, when C<use locale> is in effect, Perl uses the tainting mechanism (see L<perlsec>) to mark string results that become locale-dependent, and -which may be untrustworthy in consequence. Here is a summary of the -tainting behavior of operators and functions that may be affected by -the locale: +which may be untrustworthy in consequence. + +Note that it is possible to compile Perl without taint support, +in which case all taint features silently do nothing. +See L<perlsec> for how to tell if your perl supports taint checking. + +Here is a summary of the tainting behavior of operators and functions +that may be affected by the locale: =over 4 |