I have written a CGI which works (for now! :-) ) but I'd want to add a feature which uses Perl regexp. So my question is: does anyone can use the following code in order to do forbidden things ? eval " \$found = m#$regexp# " where the $regexp variable directly comes from $ENV{'QUERY_STRING'}. I would really like to know that because for now, I can't find any hole, and I don't want to use something which could be dangerous in my CGI.. Thanks in advance. ***** Want to unsubscribe from this list? ***** Send mail with body "unsubscribe" to mac-perl-request@iis.ee.ethz.ch