in reply to CGI Script Calling Grep

I copied and pasted your code into a file on my Debian box & it seemed to work OK. Perhaps the problem is someplace else... Perhaps the environment your CGI is executing in is different (PATH???) than the environment that your script is executing in when run from the command line.

As an aside, if you are passing input from the user to the shell, you need to enable taint mode (see perldoc perlsec for details).

As it is, a hostile user might enter an arbitrary command that your script will run. Perhaps something like: .* -l | rm -fr . (This might not work w/ exec but...)

I've copied what appear to be the relevant bits from perlsec below. However, since I've never actually written a CGI that passes user input to the system, you might want to look at the docs yourself or await guidance from a wiser monk.

update: fixed silly grammar error

    #!/usr/local/bin/perl -wT
    use strict;

    my $string = "test";      # actually comes from CGI
    $string =~ s/[^\w]//g;    # remove non word chars (/g: all of them, not just the first)

    # clean up environment
    delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
    $ENV{'PATH'} = '/bin:/usr/bin';

    if (open (GREP, "-|")) {
        # parent: read what the child (grep) writes
        print <GREP>;
    } else {
        # child: list form of exec, so no shell is involved
        exec ("grep", "-r", $string, ".")
            || die "Error exec'ing command", "\n";
    }
    close (GREP);


--mandog
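
An added example, not part of the post above: the same fork-and-exec pattern with the search term validated and untainted through a regex capture before it reaches grep. The helper names `untaint_term` and `grep_tree`, the 64-character limit, the `-F`/`-e`/`--` grep arguments and the sample inputs are assumptions made for illustration.

```perl
#!/usr/bin/perl -T
use strict;
use warnings;

# Same environment cleanup as in the post, required before exec under -T.
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
$ENV{'PATH'} = '/bin:/usr/bin';    # assumption: grep lives in one of these

# Hypothetical helper: return an untainted search term, or undef to reject.
# Under -T a value stays tainted after s///; only a regex capture untaints it.
sub untaint_term {
    my ($raw) = @_;
    return undef unless defined $raw && $raw =~ /\A([A-Za-z0-9_]{1,64})\z/;
    return $1;
}

# Hypothetical helper: run grep without a shell and return its output lines.
sub grep_tree {
    my ($term, $dir) = @_;
    my $pid = open(my $grep, '-|');
    die "Can't fork: $!\n" unless defined $pid;
    if ($pid == 0) {
        # Child: list-form exec bypasses the shell. -F treats the term as a
        # fixed string, -e marks it as the pattern, -- ends option parsing.
        exec('grep', '-r', '-F', '-e', $term, '--', $dir)
            or die "Can't exec grep: $!\n";
    }
    my @lines = <$grep>;
    close($grep);    # grep exits 1 when nothing matches; not treated as fatal
    return @lines;
}

# Constructed inputs standing in for the CGI parameter; the third is the
# hostile string quoted in the post.
my @samples = ('test', 'foo_bar42', '.* -l | rm -fr .', '-r', '');

for my $raw (@samples) {
    my $term = untaint_term($raw);
    if (!defined $term) {
        print "rejected: [$raw]\n";
        next;
    }
    my @hits = grep_tree($term, '.');
    printf "%s: %d matching line(s)\n", $term, scalar @hits;
}
```

Rejecting input that fails the pattern, rather than stripping characters from it, means the term that reaches grep is always exactly what the user typed or nothing at all.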