I don't yet see how calling $filename = <STDIN> is any different than saying $filename = $ENV{HOME}.

They're not.

>echo "input" | perl -T -e "use Scalar::Util qw( tainted ); my $var = 
+<STDIN>; print(tainted($var)?1:0, qq{\n})"
1

>set VAR=input & perl -T -e "use Scalar::Util qw( tainted ); my $var =
+ $ENV{VAR}; print(tainted($var)?1:0, qq{\n})"
1
[download]