Is the "unsafe" call to SWISH from Perl,

open(SWISH, "$swish -w $query -m $results $search_tags -f $index|");

unsafe on ANY platform?

Are there any obvious ways of checking the values passed to remove suspicious characters?

Are there legitimate strings that one could search for that would be interpreted as system commands?

Are PCs susceptible to something like the shell-escape problem that UNIX has?

Chris Humphries