You might also consider including lines like the following to protect yourslef ahead of time.

$CGI::POST_MAX = $pkg_conf::config{'post_max'};
$CGI::DISABLE_UPLOADS = $pkg_conf::config{'disable_uploads'};
$CGI::HEADERS_ONCE = $pkg_conf::config{'headers_once'};
[download]

And in my configuration file, I include:

# post_max: value of $CGI::POST_MAX
post_max = 10240

# disable_uploads: value of $CGI::DISABLE_UPLOADS
disable_uploads = 1

# headers_once: value of $CGI::HEADERS_ONCE
headers_once = 1
[download]

Though I guess you'd want to set disable_uploads to 0.

-- Hugh