Perl Security: 4. Handling tainted data

Why can it be bad? What am I to do with it?

Certain operations are especially dangerous to execute with untrusted data. They are:

- Using this data in any command that invokes a shell process (remember mail to: L053R!!! ; rm -rf / ?)
- Using this data in any command that modifies files or directories (remember the filename ../../../../etc/passwd?)
- Using this data in any command that interacts with processes (sending a signal to a privileged process by abusing a privileged script)

If Perl detects one of these operations being carried out while running with taint checks on, it aborts the running program (unless this happens inside an eval).
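The behaviour described above, as an added example that is not from the original slides: one operation from each of the three classes is attempted on tainted data inside an eval, so each "Insecure dependency" error is caught and reported instead of aborting the script. The input values are constructed, and tainting them with a zero-length slice of `$0$^X` is a stand-in assumed here for real external input.

```perl
#!/usr/bin/perl -T
# Added example. Run as: perl -T taint_demo.pl (the file name is arbitrary)
use strict;
use warnings;
use Scalar::Util qw(tainted);

die "run with -T so taint checks are on\n" unless ${^TAINT};

# Taint mode also rejects an inherited PATH, so pin the environment first.
$ENV{PATH} = '/usr/bin:/bin';
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

# A zero-length slice of tainted data; appending it taints any string.
# It stands in for data read from a form, @ARGV or STDIN.
my $taint = substr("$0$^X", 0, 0);
tainted($taint) or die "could not obtain a tainted value\n";

# Constructed inputs, one per operation class listed above.
my %input = (
    shell   => 'nobody@example.org; echo INJECTED' . $taint,
    file    => '../../../../tmp/taint-demo.txt' . $taint,
    process => '1' . $taint,
);

# None of these operations is carried out: Perl dies before performing them.
my %attempt = (
    shell   => sub { system("echo mail to: $input{shell}") },
    file    => sub { open(my $fh, '>', $input{file}) or die "open: $!\n" },
    process => sub { kill 0, $input{process} },   # signal 0 only probes
);

for my $class (sort keys %attempt) {
    # Without eval, the first "Insecure dependency" error ends the program.
    my $ok = eval { $attempt{$class}->(); 1 };
    (my $why = $@) =~ s/ at .*//s;                # drop "at FILE line N."
    printf "%-8s tainted=%d  %s\n", $class, tainted($input{$class}) ? 1 : 0,
        $ok ? 'executed' : "blocked: $why";
}
```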