Yes and no.
No, system does quote (in ActivePerl, at least).@cmd = ( 'echo', 'identifier', 'a string', '"pre quoted"' ); system(@cmd); # identifier "a string" "pre quoted" $cmd = "@cmd"; system($cmd); # identifier a string "pre quoted"
Yes, sending the command as a string instead of a list of arguments is a good idea in Windows. In Windows, command line parsing is done by the child. That means every program has its own mechanism to quote and escape its parameters (*). In turn, that means that system (or the underlying library) must guess at how the child wants its arguments quoted and escaped.
Avoid the guessing if possible and provide to the child what the child will receive.
* — If any! When quoting is supported, it's usually double quotes. As for an escaping mechanism, I don't remember ever seeing one, so good luck trying to pass a double quote to a program...