Thanks for warning. :-) I guess a serious threat will be present when a malicious code injects perl scripts via nginx config... Then request to some path will trigger perl script (which can be a backdoor, destruction program) Posted at Nginx Forum: http://forum.nginx.org/read.php?2,232176,232197#msg-232197