in reply to Request for Comments - CGI Course
Variables aren't tainted. Scalar values are tainted. Thus, portions of a hash can be tainted while other parts aren't. (Or an array.)
Once a variable is tainted, Perl won't allow you to use it in a system(), exec(),
Second nit: I haven't tested this, but according to perlsec, you can use the LIST form of system and exec and taint-checking is bypassed.
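The first point above (taint attaches to individual scalar values, so one hash element can be tainted while its neighbour is not) can be checked with `Scalar::Util::tainted`. This is an added example, not part of the original reply; the `%form` hash, its field names and the validation pattern are constructed for illustration, and the script assumes it is run as `perl -T`.

```perl
#!/usr/bin/perl -T
# Added illustration: taint is tracked per scalar value, not per variable.
# Run as: perl -T taint_demo.pl   (the file name is a placeholder)
use strict;
use warnings;
use Scalar::Util qw(tainted);

die "taint mode is off; run with perl -T\n" unless ${^TAINT};

# Environment values are tainted under -T. A zero-length substring of
# tainted data is still tainted, so this marks data without changing it.
my $taint = substr(join('', values %ENV, $0), 0, 0);
die "no tainted source available\n" unless tainted($taint);

# Constructed stand-in for parsed CGI parameters.
my %form = (
    action => 'list',              # literal from the program: clean
    user   => 'alice' . $taint,    # simulates a value that came from outside
);

sub report {
    my ($label) = @_;
    for my $key (sort keys %form) {
        printf "%-16s %-6s => %s\n", $label, $key,
            tainted($form{$key}) ? 'tainted' : 'clean';
    }
}

report('as received');             # action clean, user tainted

# Anything computed from a tainted value is tainted as well.
my $derived = "home/$form{user}";
printf "%-16s %-6s => %s\n", 'derived', 'path',
    tainted($derived) ? 'tainted' : 'clean';

# Untaint only the element that needs it, by capturing from a strict
# allow-list pattern; reject the value instead of trying to repair it.
if ($form{user} =~ /\A([a-z][a-z0-9_]{0,31})\z/) {
    $form{user} = $1;
} else {
    die "rejected user field\n";
}

report('after validation');        # both elements clean
```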