C<exec LIST> without the use of indirect object syntax (C<exec PROGRAM LIST>)
may fall back to trying the shell if the first C<spawn()> fails.
+Note that the list form of exec() is emulated since the Win32 API
+CreateProcess() accepts a simple string rather than an array of
+command-line arguments. This may have security implications for your
+code.
+
(SunOS, Solaris, HP-UX)
Does not automatically flush output handles on some platforms.
=item open
-(Win32, S<RISC OS>)
+(S<RISC OS>)
Open modes C<|-> and C<-|> are unsupported.
(SunOS, Solaris, HP-UX)
Opening a process does not automatically flush output handles on some
platforms.
+(Win32)
+Both of modes C<|-> and C<-|> are supported, but the list form is
+emulated since the Win32 API CreateProcess() accepts a simple string
+rather than an array of arguments. This may have security
+implications for your code.
+
=item readlink
(Win32, VMS, S<RISC OS>)
way compatible with Unix (i.e. the exit status of the subprocess is
obtained by C<<< $? >> 8 >>>, as described in the documentation).
+Note that the list form of system() is emulated since the Win32 API
+CreateProcess() accepts a simple string rather than an array of
+command-line arguments. This may have security implications for your
+code.
+
(S<RISC OS>)
There is no shell to process metacharacters, and the native standard is
to pass a command line terminated by "\n" "\r" or "\0" to the spawned