-	Permissions on /var/webfilt seem too liberal. Some way to increase
	security? One possibility to improve security somewhat would be to
	have all the directories used the same group as the webserver and
	the SGID bit on those set; then make all the files and directories
	involved not accessible at all to the world at large

-	The web (cgi) side does not handle errors very well. What if the
	form is incomplete? Nothing is checked? Invalid command posted?
	What if path supplied by form differs from what userfilt expects?
	There are situations where webfilt.cgi hangs.

