----- Original Message -----
From: "Daniel Carrera" <dcarrera / math.umd.edu>

[snip]

To untaint data you use regular expressions.  In this case a directory
name should only be composed of "word" charcaters and the character "/".

Do something like:

# dir tainted.
if dir =~ /^([\w\/]+)$/
    dir = $1  # Untainted.
else
    # Error...
end
----------------------------

Cool!  I didn't know you could do that.  I always just used `str.untaint'.

BTW, (to the original poster), tainting also bites me from time to time.  So
far, though, it has *always* been a good thing!  I feel safe at night
knowing that tainting is there.

:)

Chris