Re: Secure popen

From: Aaron Bentley (abentleyat_private)
Date: Tue Jun 19 2001 - 14:06:53 PDT

  • Next message: Slawek: "Re: Secure popen"

    Hi,
    I appreciate the suggestion.  The reason why it doesn't solve my problem is because
    Sendmail is not the problem.
    
    What I'm really looking for, ideally, is a way to avoid both temporary files and
    /bin/sh
    If I use temporary files, I can use them with Sendmail just as easily as with mutt.
    Or, I can use mutt with popen (which uses /bin/sh).
    
    Two people now have suggested using dup2 and exec, and while they're sort of vague
    about it, I think they mean this:
    1. Create a pipe
    2. Write to it
    3. Use dup2 to replace stdin with your pipe
    4. Exec the program (it will inherit stdin from the calling process--e.g. the pipe)
    
    I'm going to try this, because if it works, I can make a "safe popen" function that I
    can use ad infinitum.
    
    Aaron
    
    Radu Filip wrote:
    
    > Hi!
    >
    > On Tue, 19 Jun 2001, Aaron Bentley wrote:
    >
    > > This is what I'm doing, except that I'm calling popen to specify a pipe directly,
    > > instead of writing the message to a temporary file and then using cat to pipe it
    > > to the mail client.
    > > Temporary files have their own fun problems, and originally, I was trying to avoid
    > > using temporary files by using a pipe instead.
    >
    > Yes, it's good to avoid temporary files... Anyway, I did not understand
    > why this solution is not what you're looking for.
    
    >
    >
    > Radu
    >
    > --
    > Radu Filip
    >                            Network Administrator @ Technical University of Iasi
    > raduat_private             Information Technology and Communication Center
    > http://socrate.tuiasi.ro/  cctiat_private | http://ccti.tuiasi.ro/
    
    --
    Aaron Bentley
    Manager of Information Technology
    PanoMetrics, Inc.
    



    This archive was generated by hypermail 2b30 : Tue Jun 19 2001 - 16:52:35 PDT