TWiki bug explanation and patch - Shell characters aren’t escaped/filtered when checking in file attachments. Simple patch available on the TWiki site, and a good reminder of why you should always prefer the list form of the Perl system call over the string form.