I recently converted an application to use its own version of Perl using Perlbrew, rather than the system Perl, and I am never going back to using the system Perl again!
I'm about to start a clean slate application in which all of the scripts will run with TAINT turned on. Like my previous app, the libraries of the new app will refuse to run without TAINT turned on.
My question is, can I install or modify my own private Perl so that it always runs in TAINT mode by default?
EDIT: Sorry -- I should have also mentioned that I would like to use the #!/usr/bin/env perl shebang idiom in my scripts, so defining a shell alias would not be a solution.
While it looks reasonably straightforward to modify perl to always run with tainting turned on (untested: add TAINTING_set(TRUE); just after the command-line-switch-handling for/case in perl.c), there is no supported way to do it. Setting the PERL5OPT environment variable is as close as its gets. Note that "-T" must come first in the variable's value, and any other switches you try to set there will be ignored.
All this seems overly paranoid, though. Is it not enough to put "-T" on the #!-line for the scripts that may get outside input?