Rule number one is, if you don't know whether taint checking will break anything, turn on taint checking. If anything breaks, go over everything for security issues. This is more a web/cgi thing than a Perl thing, but it's a big thing. Taint checking is just a tool Perl provides to help you know if you have a problem. It's not perfect, but it helps a lot.