[Asterisk-Users] callerid send to shell script with system command

[Michael Graff]

Another way (in Perl) that is very secure, assuming your script that is
called is:

        sytem("foo $callerid")

isn't safe, but

        system("foo", $callerid)

is.  It doesn't use the shaell to execute things, so you can't redirect
output and the like, but $callerid is passed directly to the the foo
application without shell metacharacters being involved at all.

--Michael