Perl doesn't differentiate between input from a textarea or from a drop down box -- and it would be trivial for someone in the know to pass arbitrary parameters to your script through LWP or even by saving your HTML and modifying it.

Fastolfe's right that you can use tainted data in many operations with no trouble, but just be aware that presenting the choice in certain HTML widgets offers minimal protection against mischief makers.