I don't think you can safely eval the expression, .

The safest solution here is to write a parser for the expressions you want to accept and then either eval them or have the parser compute the result. This is not as hard as it sounds, you can have a look at Parse::RecDescent for example: the Parse::RecDescent Tutorial describes an expression parser that you could use as a basis. You could also use Parse::Yapp, the Perl Review has an article about it that should get you started.

And you can also write a rudimentary regexp-based parser, which would probably be a lot less powerful (and might be less safe).

Perl 6 will make this kind of parser a lot more easy to write BTW.