Minimally, you will want to turn on taint checking with -T. If you are uploading a picture, you'll want to check its "pictureness" with Image::Magick or some similar Module. In any case, you should set a maximum size for the file in the CGI Module using $CGI::POST_MAX and optionally scan the file to make sure that its corresponds with some given format. In the name of security, you should definitely take these extra steps to ensure the sanity of your filesystem.