So basically you have a program running with extended privs that can possibly load files from unwanted locations.
Sounds like you have issues controlling access to your runtime environment. You have bigger issues. If you are running a perl program as root and are concerned about joe user messing with it, you have a system wide security problem. If you are instead concerned about someone taking your software and shooting themselves in the foot because they wrote some (though not malicious) code in their own config file that accidentally did something stupid, get used to the Unix idiom -- if they shoot themselves in the foot, that's their problem for not reading the directions or playing with something they shouldn't.
Meanwhile, clueless users can be defeated with YAML or XML::Simple or INI/Apache style config files.