If you think the module should do anything related to security paranoia (most modules don't need this, and there isn't any indication this is the OPs intend), the safe thing is for the module to accept a file handle, instead of a file name.

That allows the caller of the module to open a file, and actually drop privileges before calling the module. For instance, a daemon could start as a root user, open the necessary files, drop privileges to a normal user, and then call a third party module, passing it file handles (which where opened as the root user). Said module can no longer open files that require root privileges. Your suggestion however, requires the code in the module to run using root privileges.

Picture this: A program manages to escalate it's privileges, then opens a system file for write access. It then passes your module the file handle.
Then what? What damage is the module going to do the program cannot do already? Besides, if the program manage to escalate the privileges before opening the file, the privileges will certainly still be up by the time the module is asked to open the file.
If you (instead) receive the file name, you have a better chance of making sure that any action your module takes is benign.
How?

In reply to Re^2: Passing a Filehandle that Might be a Bareword by JavaFan
in thread Passing a Filehandle that Might be a Bareword by Xiong

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.