secure mode / redirect

[timo harmo <ti...@helsinki.fi>]

I just found out in comp.text.xml that xalan has a Redirect-extension.
(thread "1 input -> 3 outputs")

I'm writing a "cgi-frontend" that allows users to submit forms / files,
transforms the cgi-form variables to xml and lets users specify a
stylesheet to apply to that xml-file. I'd like to be sure that calling
testxslt -in xml_genatered_from_cgi-input -out somethingthatIallow.htm
-xsl anyfileanywhere.xsl
would only be able to write to the file I have allowed.

Are there other things besides Redirect that may be problematic in in
cgi-settings in xalan and should be disabled for some applications?

I think there could be also others that would like a "secure mode" for
xalan. 

I use the C-version, and do not have a c-compiler.
 -Timo