in reply to user input Regular Expression
A few weeks ago, MikeTaylor asked a similar question. Choroba's answer Re^6: Regexp substitution using variables explained the security risk. You really should 'untaint' (taint mode) your patterns and substitution, limiting them to substitutions that you expect.
Bill
In Section
Seekers of Perl Wisdom