in reply to Re: Re: Re: Re: Re: Untainting 'bad' filenames
in thread Untainting 'bad' filenames
If he strips any problematic characters from the filename, then the rename() function would be trying to rename a file that doesn't exist, so that won't work.
Personally, I think the appropriate solution here is just to use /^(.*)$/s to untaint the filename. That would be bad if the input were coming from a user; but in this case it's coming from the file system. If the input were coming from the user, it might specify a file that he doesn't want to move; but since the input is coming from the filesystem, and he knows he wants to move the file no matter what odd characters the name contains, using that regex to untaint makes sense in this case.
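The approach described in this reply, as an added example that is not part of the original post: a taint-mode script that moves every file out of a directory, untainting names returned by readdir with `/^(.*)$/s`. The scratch directory paths and sample filenames are constructed for the demonstration.

```perl
#!/usr/bin/perl -T
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Constructed scratch directories (hypothetical paths for this demo).
my $src = "/tmp/untaint-demo-src.$$";
my $dst = "/tmp/untaint-demo-dst.$$";
for my $dir ($src, $dst) {
    mkdir $dir or die "mkdir $dir: $!";
}

# Constructed sample names: spaces, shell metacharacters, an embedded newline.
my @samples = ('plain.txt', 'two words; $(x).txt', "line\nbreak.txt");
for my $name (@samples) {
    open my $fh, '>', "$src/$name" or die "create: $!";
    close $fh;
}

opendir my $dh, $src or die "opendir $src: $!";
my @names = grep { $_ ne '.' && $_ ne '..' } readdir $dh;
closedir $dh;

my @moved;
for my $name (@names) {
    # Names returned by readdir are tainted under -T; rename() refuses them.
    die "expected a tainted name\n" unless tainted($name);

    # Untaint the whole name unchanged. The /s modifier lets "." match the
    # embedded newline; without it that name would not match intact.
    my ($clean) = $name =~ /^(.*)$/s;
    die "untainting altered the name\n" unless defined $clean && $clean eq $name;

    # The name goes straight to rename(), never through a shell. This is a
    # blanket untaint, not validation, so it fits only names the script
    # itself read from the directory it intends to empty.
    rename "$src/$clean", "$dst/$clean" or die "rename: $!";
    push @moved, $clean;
}
print "moved ", scalar(@moved), " of ", scalar(@samples), " files\n";

# Remove the demo files and directories again.
unlink "$dst/$_" for @moved;
rmdir $_ for $src, $dst;
```

Because `-T` is on the `#!` line, run the script either directly as an executable or with `perl -T`.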