http://qs321.pair.com?node_id=11113998


in reply to Re: Safely capturing the output of an external program
in thread Safely capturing the output of an external program

Untainting might work though; if the filename matches, say, q/^[A-Za-z0-9]+\.tfm$/, it's probably safe to pass it through any shell. But I've never liked that approach, and "probably" is a dangerous word.