
Perl: what does Taint mean in general?

Tags:

perl

I read a lot about Taint in Perl variables, mode etc, for example from the docs:

$AUTOLOAD can now be tainted

If you call a subroutine by a tainted name, and if it defers to an AUTOLOAD function, then $AUTOLOAD will be (correctly) tainted.

While the definition of the word taint from Google is:

Definitions of taint

verb

  1. contaminate or pollute (something).
    "the air was tainted by fumes from the cars"
    synonyms: contaminate, pollute, adulterate, infect, blight, spoil, soil, ruin, destroy, befoul

noun

  1. a trace of a bad or undesirable quality or substance.
    "the taint of corruption that adhered to the regime"
    synonyms: trace, touch, suggestion, hint, tinge, stain, blot, blemish, stigma, black mark, discredit, dishonor, disgrace, shame

So what does Taint mean in general in Perl?

daliaessam asked Aug 22 '14 06:08


3 Answers

In a nutshell: Any data coming from outside, and thus not under the control of the program, gets flagged as tainted. Sensitive operations like system or exec refuse to work on tainted data; that is, you need to untaint the data by verifying its content. Used correctly, this prevents command injections and similar problems.

Steffen Ullrich answered Nov 15 '22 04:11
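
The behaviour described in the answer above, as an added example that is not part of the original thread: tainted input is refused by system until it has been verified and captured through a regex. The helper name untaint_name, its allow-list pattern, the sample inputs and the presence of /bin/echo are assumptions made for the illustration.

```perl
#!/usr/bin/perl -T
# Run as: perl -T taint_demo.pl [name ...]   (with -T on the command line too)
use strict;
use warnings;
use Scalar::Util qw(tainted);

$| = 1;    # keep our output in order with the child's output

# Under -T, Perl refuses to start any external command until the environment
# the child would inherit has been set from trusted values.
$ENV{PATH} = '/usr/bin:/bin';
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

# Hypothetical helper: return an untainted copy of $value if it matches a
# strict allow-list, otherwise nothing. A regex capture is what clears the
# taint flag, so a pattern like /(.*)/ would "untaint" without verifying.
sub untaint_name {
    my ($value) = @_;
    return unless defined $value;
    if ($value =~ /\A([A-Za-z0-9_][A-Za-z0-9_.-]{0,63})\z/) {
        return $1;
    }
    return;
}

# Constructed sample inputs. Appending a zero-length slice of tainted data
# ($0 and $^X come from outside the program) marks them as tainted, the
# same way real command-line arguments already are.
my $taint  = substr("$0$^X", 0, 0);
my @inputs = map { $_ . $taint } ('report.txt', 'report.txt; id');
push @inputs, @ARGV;

for my $in (@inputs) {
    printf "input %-18s tainted=%s\n", "'$in'", tainted($in) ? 'yes' : 'no';

    # Sink reached with raw data: Perl dies before the command is started.
    my $ran = eval { system('/bin/echo', 'raw:', $in); 1 };
    print "  raw use refused: $@" unless $ran;

    # Verify first, then use only the captured (untainted) copy.
    my $clean = untaint_name($in);
    if (defined $clean) {
        system('/bin/echo', '  verified:', $clean) == 0
            or warn "  echo failed: $?\n";
    }
    else {
        print "  rejected by allow-list\n";
    }
}
```

Both sample inputs are refused in raw form; only report.txt passes the allow-list and reaches /bin/echo, while the second input is rejected instead of being cleaned up.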


From perlsec - Taint Mode:

Taint Mode

Perl automatically enables a set of special security checks, called taint mode, when it detects its program running with differing real and effective user or group IDs. The setuid bit in Unix permissions is mode 04000, the setgid bit mode 02000; either or both may be set. You can also enable taint mode explicitly by using the -T command line flag. This flag is strongly suggested for server programs and any program run on behalf of someone else, such as a CGI script. Once taint mode is on, it's on for the remainder of your script.

While in this mode, Perl takes special precautions called taint checks to prevent both obvious and subtle traps. Some of these checks are reasonably simple, such as verifying that path directories aren't writable by others; careful programmers have always used checks like these. Other checks, however, are best supported by the language itself, and it is these checks especially that contribute to making a set-id Perl program more secure than the corresponding C program.

You may not use data derived from outside your program to affect something else outside your program--at least, not by accident. All command line arguments, environment variables, locale information (see perllocale), results of certain system calls (readdir(), readlink(), the variable of shmread(), the messages returned by msgrcv(), the password, gcos and shell fields returned by the getpwxxx() calls), and all file input are marked as "tainted". Tainted data may not be used directly or indirectly in any command that invokes a sub-shell, nor in any command that modifies files, directories, or processes, ....

mpapec answered Nov 15 '22 04:11


Taint is data that your program reads from external sources. This data may cause your program to behave differently than it is intended to. Such data should be introspected before it is used in the program.

user3236907 answered Nov 15 '22 04:11