The T-Files


Tue, 31 Jan 2006

The thousand and one reasons to love Perl: [18] Taint Mode

A rather unique feature of Perl is Taint Mode. When the Perl interpreter runs with Taint Mode enabled, it treats all user input as insecure and refuses to perform certain dangerous operations with it. All command line arguments, environment variables, locale information, file input, and the results of certain system calls are considered user input; any command that invokes another process or modifies files, directories or processes is considered dangerous. In addition, environment variables and the current working directory are not consulted when loading modules, and directories that are not absolute, or that are writable by other users, are disallowed in the PATH environment variable. Any attempt to use tainted data in the situations outlined above results in immediate termination of the Perl program. The only way around this is to untaint the data, which can be done by matching it against regular expressions describing the acceptable values.

Note that Taint Mode can only encourage programmers to validate user input in order to prevent security problems: it forces the programmer to write some validation code, but making those checks effective remains the developer's responsibility.
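The script below is an added example, not code from the original post. It shows a tainted value being refused by a file-modifying operation, then untainted once through a strict regular expression and once through a catch-all one that satisfies Taint Mode without validating anything. The helper names `untaint_filename` and `untaint_anything` and the sample inputs are constructed for illustration.

```perl
#!/usr/bin/perl -T
# Added illustration (not from the original post). Run: perl -T taint_demo.pl
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Constructed taint source: an empty slice of $0 and $^X, which are tainted
# under -T. Appending it to a literal makes the literal behave like user input.
my $taint = substr("$0$^X", 0, 0);
die "run with: perl -T $0\n" unless ${^TAINT} && tainted($taint);

# Strict check: a bare file name, 1-64 characters from a small allow-list,
# no leading dot or dash and no path separators.
sub untaint_filename {
    my ($input) = @_;
    return $input =~ /\A([A-Za-z0-9_][A-Za-z0-9_.-]{0,63})\z/ ? $1 : undef;
}

# Weak check: satisfies Taint Mode but accepts every string.
sub untaint_anything {
    my ($input) = @_;
    return $input =~ /\A(.*)\z/s ? $1 : undef;
}

# Constructed sample inputs, plus any command line arguments, which arrive
# tainted already.
my @samples = map { $_ . $taint } ('notes.txt', '../outside.txt');
push @samples, @ARGV;

for my $raw (@samples) {
    printf "%-16s tainted=%d\n", $raw, tainted($raw) ? 1 : 0;

    # A file-modifying operation on tainted data is refused before it runs.
    my $ok = eval { open(my $fh, '>', $raw) or die "open: $!\n"; 1 };
    print "  open for writing: ", ($ok ? "allowed\n" : "refused: $@");

    # Only the captured group ($1) comes back untainted.
    my $strict = untaint_filename($raw);
    my $weak   = untaint_anything($raw);
    printf "  strict regex: %s\n",
        defined $strict ? "accepted, tainted=" . (tainted($strict) ? 1 : 0)
                        : "rejected";
    printf "  weak regex:   accepted, tainted=%d\n", tainted($weak) ? 1 : 0;
}
```

The value returned by the catch-all pattern is no longer tainted, so Taint Mode would let it reach `open` unchanged, relative path included; the allow-list pattern is what actually rejects it.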

Also note that Taint Mode is a mechanism to protect your program from causing damage when given unexpected input. It is not a mechanism that makes it safe to run untrusted programs. That problem is addressed by the Safe module, Perl's way of sandboxing code.