Either you are using the -T switch, or you're running setuid or setgid (these turn on the tainting mechanism). You'll need to untaint your data (see perlsec for details). Perl has assumed that either $base_dir or $number has unsafe data and is killing the script rather than allow a security hole (and this is a Good Thing).

I am assuming that either $base_dir or $number is being acquired from outside the script you are currently running, otherwise I can't see why you'd get this error.

Another problem I see is that your filehandle has an initial cap when you open it (Newfile) but is all lower case (newfile) when you try to write to it or close it. Perl is CasE sEnsiTIVe. Your script is not going to recognize those file handles as being the same thing. Suggestion: put all filehandles in all caps (NEWFILE). This is pretty much the standard in Perl and will serve you well in the future.

Cheers,
Ovid