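use strict;
use warnings;

# Instead of passing a file name, a malicious user sends
# another command
my $user_input = "; rm -rf /";
# A single-string system() is handed to /bin/sh, so the shell
# happily executes "ls -l" followed by "rm -rf /"
system("ls -l $user_input");

####

$user_input = "; rm -rf /";
# List form: no shell is involved, so the whole string becomes one
# literal argument to ls and the user just gets a "no such file or
# directory" error.  system() returns 0 on success; check it.
system("ls", "-l", $user_input) == 0
    or warn "ls failed, wait status $?";

####

# Bad: backticks always go through the shell, so this has the
# same injection problem as the string form of system()
my @output = `ls -l $user_input`;

# Good: fork, then exec the list form in the child so the shell
# never sees $user_input.  The parent reads the child's STDOUT.
my $kidpid = open(my $pipe, '-|');    # '-|' with no command forks
die "could not fork: $!" if !defined $kidpid;
if ($kidpid) {
    # Parent process.  Read data from the child, then reap it;
    # close() on a piped handle returns false if the child failed.
    @output = <$pipe>;
    close $pipe or warn "child exited with wait status $?";
}
else {
    # Child process.  Execute the command; exec only returns on failure.
    exec("ls", "-l", $user_input) or die "exec failed: $!";
}

# Equivalent, shorter form (Perl 5.8+): let open do the fork and the
# list-form exec itself.  Still no shell involved.
open(my $ls, '-|', 'ls', '-l', $user_input)
    or die "could not run ls: $!";
@output = <$ls>;
close $ls or warn "ls exited with wait status $?";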