in reply to html/file security cgi [revisited]
Please take a look at Essential CGI Security Practices.