I haven't seen a package or module that does this; but that doesn't mean it doesn't exist.

There is a pretty good article in ;login: The Magazine of Usenix and Sage, Volume 25, Number 2 which deals with this. It's in the Effective Perl Programming column by Joseph N Hall. I haven't done an online search to see if it's online or not.

'CGI Barbie says, "Programming is hard!"'

He does a few things to ensure valid directories and pathnames.

• disallow "." in filenames to prevent people from moving up the file tree
• disallow a leading "/" to force a relative pathname; provide a root dir they have to start from, and prepend that to all paths
• use sysopen instead of Perl's Magic open to make sure the user Can't Possibly open a pipe instead of a file
• use -d, -e, -f, etc. to make sure any specified directory/file exists before messing with it

These might not be adequate for your needs, but they also might be. He also goes over the basics of use taint. Overall, it's a good little article.

I'll look for it online, and post an update if I find it...

Alan

Update: ;login is online, however only Usenix members can access the most recent issues. Go here to see the issues which are available. The issue I referred to above is April 2000, so it looks like it should be available soon.