in reply to quoting for system() and friends

If you're taking a string from some source that could be supplied by "baddies", I think your best bet is to have a finite set of shell operations that are possible, a finite set of args for those operations, etc, and only execute a shell command if the input matches the various available choices. Using character quoting and escapes to limit particular shell facilities such as compound commands, redirection and variable substitution is still inadequate -- there may be potentially ruinous commands that don't involve any of the special non-alphabetic characters.

On the other hand, if the purpose of your script is to facilitate some shell operations for "trusted" (and qualified) users -- e.g. those who have shell login access on this machine (and perhaps are members of a specified group or access-control list) -- maybe you don't want to be so restrictive: go ahead and let these people use as wide a range of shell facilities as may be helpful to them. The use of semicolons, pipes, ampersands and angle-brackets should be okay for these people, because they would be able to use these things anyway, without the benefit of your perl script. Why limit the potential utility of your script in this case?

So, my point is, you're asking the wrong question. It's not a matter of figuring out how to "sanitize" an arbitrary shell command line string. Either it's a matter of how to specify the exact range of shell operations permitted for strangers (constructing a command line from choices you make available), or else it's a matter of making your perl script as transparent and flexible as possible in assisting qualified/trusted users when they need to do shell operations.

(updated to fix grammar)
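One way to implement the "finite set of operations and args" approach this reply recommends, as an added Perl example that is not part of the original post; the operation names, paths and patterns are constructed for illustration:

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Added example: a finite set of permitted operations (hypothetical names),
# each mapped to the exact argv handed to system(). Arguments are checked
# against fixed choices or a strict pattern, and system() is called with a
# LIST so no shell ever parses the caller-supplied text.
my %ops = (
    disk_usage => {
        args => [ qr{\A(?:/var/log|/tmp)\z} ],      # only these two paths
        cmd  => sub { ( '/usr/bin/du', '-sh', @_ ) },
    },
    tail_log => {
        args => [ qr/\A[a-z0-9_-]{1,32}\z/ ],        # bare log name, no slashes
        cmd  => sub { my ($n) = @_; ( '/usr/bin/tail', '-n', '20', "/var/log/$n.log" ) },
    },
);

# Validate an operation name plus argument list and run it, or refuse.
# Returns the system() status, or undef when the request is refused.
sub run_allowed {
    my ($op, @args) = @_;
    my $spec = $ops{$op};
    unless ($spec) {
        warn "refused: unknown operation '$op'\n";
        return;
    }
    my @checks = @{ $spec->{args} };
    unless (@args == @checks) {
        warn "refused: wrong number of arguments for '$op'\n";
        return;
    }
    for my $i (0 .. $#args) {
        unless ($args[$i] =~ $checks[$i]) {
            warn "refused: argument $i of '$op' not permitted\n";
            return;
        }
    }
    my @argv = $spec->{cmd}->(@args);
    # List-form system(): argv goes straight to execvp, so ';', '|',
    # '$(...)' and friends in the input are data, never shell syntax.
    return system(@argv);
}

# Constructed requests: the first is allowed, the other two are refused.
run_allowed('disk_usage', '/tmp');
run_allowed('tail_log', 'syslog; id');   # fails the argument pattern
run_allowed('reboot');                   # not in the allowlist at all
```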