So in other words, if config1 gets screwed up, whether by malicious intent, or by honest ignorance, or by a simple typo, whatever consequence ensues is okay in your view?

What's the cost of treating it the same as the CGI parameter that gives you "config1"? (You didn't say what you're doing to untaint that, but I guess we shouldn't doubt that you're doing it properly...)

Maybe I'm wrong about this, but I would have thought that if a CGI parameter were untainted properly, such that you could derive from it a file name on the server that could be opened and read, then the data in that file should already be taint-safe (i.e. not need to be untainted).

But if I am wrong about that, and data being read from a named file on the server is treated as tainted, I really don't see the point of handling it any differently than other tainted data. What are you saving by doing this?