Subject: $pid is tainted in kill (Insecure dependency in kill)
Date: Wed, 9 Feb 2011 17:33:44 +0100
To: bug-Proc-ProcessTable [...] rt.cpan.org
From: Olivier Diserens <olivier [...] diserens.ch>
Hello,
it seems that when calling the kill() function, the $self->pid variable can, under certain circumstances, be tainted and thus cannot be called in the kill wrapper.
Throwing this error:
Insecure dependency in kill while running with -T switch at /usr/local/lib/perl/5.10.1/Proc/ProcessTable/Process.pm line 47, <PIDFILE> line 1.
The original code:
########################################################
# Kill; just a wrapper for perl's kill at the moment
########################################################
sub kill {
    my ($self, $signal) = @_;
    return( kill($signal, $self->pid) );
}
which I quickly fixed like that (untainting the $pid variable):
########################################################
# Kill; just a wrapper for perl's kill at the moment
########################################################
sub kill {
    my ($self, $signal) = @_;
    my $pid = -1;
    if ( $self->pid =~ m/(\d+)/ ) {
        $pid = $1;
    }
    return( kill($signal, $pid) );
}
The script that is throwing that is a multi-threaded (using threads(), not fork) daemon that changes its uid/gid to drop privileges.
I tried to reproduce the problem in a simpler script but couldn't manage to, so I'm not really sure what happens here.
Best regards
Olivier
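
A stricter form of the untainting step in the report above, as an added example (not code from the ticket or from Proc::ProcessTable): the pattern is anchored so the whole value must be a PID, and a value that fails validation is never passed to kill(), where the quick fix falls back to -1. The names untaint_pid and safe_kill, the 10-digit limit and the sample values are assumptions made for illustration; run it with perl -T.

```perl
# Run as: perl -T example.pl  (without -T nothing is tainted, but the checks still apply)
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Hypothetical helper: return an untainted PID, or undef when the value
# is not a plain positive integer.
sub untaint_pid {
    my ($raw) = @_;
    return unless defined $raw;
    # Anchored on both ends: an unanchored /(\d+)/ would pull "12" out of
    # "12abc" and "1" out of "-1". The 10-digit limit is an assumed bound.
    return $raw =~ /\A([1-9][0-9]{0,9})\z/ ? $1 : undef;
}

# Hypothetical wrapper: refuse to signal anything when validation fails.
# No fallback value such as -1 is used, because kill(2) treats pid -1 as
# "every process the caller is allowed to signal".
sub safe_kill {
    my ($signal, $raw_pid) = @_;
    my $pid = untaint_pid($raw_pid);
    return 0 unless defined $pid;
    return kill($signal, $pid);
}

# Constructed sample input. $0 and $^X are tainted under -T, so appending
# a zero-length substring of them taints each sample value.
my $taint   = substr("$0$^X", 0, 0);
my @samples = map { $_ . $taint } ($$, '12abc', '-1', '');

for my $raw (@samples) {
    my $pid    = untaint_pid($raw);
    my $result = defined $pid
        ? sprintf('accepted as %d (tainted=%d)', $pid, tainted($pid) ? 1 : 0)
        : 'rejected';
    printf "%-8s tainted=%d -> %s\n", "'$raw'", tainted($raw) ? 1 : 0, $result;
}

# Signal 0 delivers nothing; it only checks that the process can be signalled.
printf "safe_kill(0, own pid) = %d\n", safe_kill(0, $$ . $taint);
printf "safe_kill(0, '-1')    = %d\n", safe_kill(0, '-1' . $taint);
```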