in reply to
Checking for duplicate subroutine names
My recent use of most modern web-servers is that they don't let you go outside of the 'DocumentRoot'. So your users may wipe out your code, but they can't touch the system.
But for additional safety you could use a web-server that is running in a chain root directory (see 'chroot') under a low priority user:group. Malicious or not, *nix is not going to let someone out of the new root of your/their file-system.
"Well done is better than well said." - Benjamin Franklin