| Subject: | Problem with taint mode |
Hi,
I got an error trying to use this under taint mode. I'm using Crypt::CAST5_PP
via Crypt::OpenPGP so I can't be sure that the problem's here.
I can switch -T off for my purposes but I thought I'd notify you regardless
Insecure dependency in eval while running with -T switch at blib/lib/Crypt/CAST5_PP.pm (autosplit into blib/lib/auto/Crypt/CAST5_PP/encrypt.al) line 208.
This is perl, v5.8.4 built for i386-linux-thread-multi, on debian 2.4.27-1-686
#!/usr/bin/perl -wTs
# The code I'm using which seems relevant.
use Crypt::OpenPGP;
my $gpg = Crypt::OpenPGP->new(Compat => 'GnuPG');
eval {
my $data;
$data = $gpg->decrypt( Passphrase => $pass, Filename => $cfile)
or die $gpg->errstr;
}