Hacker News
Arbitrary code execution within Perl (twitter.com/alfiedotwtf)
1 point by alfiedotwtf on Oct 14, 2017 | 3 comments


If a Perl script has setuid root, if it loads any libraries, Perl will try and read @PERL5LIB. The @[[]] within string interpolation executes code to expand the string value, but backticks work here too.

I think this is going to be a problem...


Looks like setuid doesn't work because it needs to be set on the Perl binary itself and not the script.


My mistake... this was getting shell expanded, so didn't even hit Perl. Nothing to see here!



