In which languages is it a security hole to use user-supplied regular expression?

Question

Edit: tchrist has informed me that my original accusations about Perl\'s insecurity are unfounded. However, the question still stands.

I know that i

Answer 1

I suspect ruby would allow /#{system("rm -rf really_important_directory")}/ - is that the kind of thing you're worried about?