Scripting languages

Monty Harder lists at kc.rr.com
Thu Nov 22 05:01:24 CST 2001


Brian Densmore <DensmoreB at ctbsonline.com> wrote:

> for the info on parsing the data. I guess I was just paranoid that just
> returning the string would cause it to be parsed and executed. I'm not
> real up to speed on this whole regexp thing yet. It's a rather scary
> concept. Sorry for the lame example. :)

  It's not all that lame.  The trick is limiting the context in which the
regexp is evaluated.  That's the key word, in fact... "evaluated".  Do not
allow user input to your Perl script to be passed to an eval
function/statement without wrapping the thing with taintperl, in a
restricted shell or some other limited execution environment.
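
The distinction drawn in the message above, as an added example that is not part of the original post: under Perl 5's `-T` switch (the successor to the separate taintperl binary) a tainted string is refused by string `eval` but can still be used as a pattern, which is compiled and matched rather than executed. The script name, the sample strings and the `attempt` helper are constructed for illustration.

```perl
#!/usr/bin/perl -T
# Run as: perl -T taint_demo.pl  (hypothetical file name; -T must be on from startup)
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Constructed sample input. Appending a zero-length slice of $^X, which is
# tainted under -T, taints these literals the way STDIN/@ARGV/%ENV data is.
my $taint     = substr($^X, 0, 0);
my $user_re   = 'fo+ba[rz]' . $taint;                    # constructed pattern
my $user_code = 'print "user code ran\n"' . $taint;      # constructed, harmless
my $code_re   = '(?{ print "regex code ran\n" })' . $taint;

# Run a block and report whether perl allowed it or died.
sub attempt {
    my ($label, $block) = @_;
    my $ok  = eval { $block->(); 1 };
    my $why = $ok ? '' : $@;
    $why =~ s/ at \S+ line \d+.*//s;     # trim file/line from the message
    printf "%-32s %s\n", $label, $ok ? 'allowed' : "refused ($why)";
    return $ok;
}

# 1. String eval parses and executes its argument; taint mode refuses it
#    with an "Insecure dependency" error.
attempt('eval of tainted string', sub { eval $user_code; die $@ if $@ });

# 2. A pattern is only compiled and matched, never executed as Perl.
attempt('match against tainted pattern',
        sub { 'foobar' =~ /$user_re/ or die "no match\n" });

# 3. An embedded code block in an interpolated pattern is rejected unless
#    the script opts in with "use re 'eval'", so leave that pragma off.
attempt('pattern carrying (?{ code })', sub { 'x' =~ /$code_re/ });

# 4. Untaint by capturing against an allow-list; only the capture is clean.
my ($clean) = $user_re =~ /\A([\w+\[\]]{1,64})\z/;
printf "raw tainted: %d, validated tainted: %d\n",
       tainted($user_re) ? 1 : 0, tainted($clean) ? 1 : 0;
```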



