I'm writing a CGI program in C++ that sends email. I'm using Sendmail for the transmission, so I need a command that lets me specify stdin for Sendmail. I understand popen() is not very secure, because it uses the shell to execute the command, but I don't know of a safe alternative. I can sanitize my input, but is escaping all non-alphanumeric characters the right answer? The program is not privileged, but I don't want people to be able to gain privileges as 'nobody' on the web server. Any suggestions for this ? Aaron -- Aaron Bentley Manager of Information Technology PanoMetrics, Inc.
This archive was generated by hypermail 2b30 : Tue Jun 19 2001 - 11:29:36 PDT