Controlling stdin and stdouts of other executables
Chip Salzenberg
chip at tct.uucp
Fri May 4 02:02:30 AEST 1990
[Unix-specific; followups to comp.unix.questions]
According to dkeisen at Gang-of-Four.Stanford.EDU (Dave Eisen):
>system ("command > /dev/null 2>&1");
Beware system(). It calls /bin/sh to do its dirty work, which is one
reason it's so attractive to novice Unix programmers. However, if
anything in the command line is non-constant, then system() usally is
a security hole. Ignoring buffer size issues for the moment,
consider:
sprintf(buf, "/usr/lib/sendmail -oem '%s' <%s", address, tempfile);
system(buf);
Looks great, right? But what if the address is "'; rm -rf $HOME; '"?
Bzzt! You lose the security sweepstakes. I hope you have backups...
--
Chip Salzenberg at ComDev/TCT <chip%tct at ateng.com>, <uunet!ateng!tct!chip>
More information about the Comp.unix.questions
mailing list