$foo = shift;			# $foo is tainted
$bar = $foo,'bar';		# $bar is also tainted
$xxx = <>;			# Tainted
$path = $ENV{'PATH'};		# Tainted, but see below
$abc = 'abc';			# Not tainted

system "echo $foo";		# Insecure
system "/bin/echo", $foo;	# Secure (doesn't use sh)
system "echo $bar";		# Insecure
system "echo $abc";		# Insecure until PATH set

$ENV{'PATH'} = '/bin:/usr/bin';
$ENV{'IFS'} = '' if $ENV{'IFS'} ne '';

$path = $ENV{'PATH'};		# Not tainted
system "echo $abc";		# Is secure now!

open(FOO,"$foo");		# OK
open(FOO,">$foo"); 		# Not OK

open(FOO,"echo $foo|");		# Not OK, but...
open(FOO,"-|") || exec 'echo', $foo;	# OK

$zzz = `echo $foo`;		# Insecure, zzz tainted

unlink $abc,$foo;		# Insecure
umask $foo;			# Insecure
eval $foo;			# Very insecure

exec "echo $foo";		# Insecure
exec "echo", $foo;		# Secure (doesn't use sh)
exec "sh", '-c', $foo;		# Considered secure, alas
