Re: Secure popen

From: Slawek (sgpat_private)
Date: Tue Jun 19 2001 - 13:21:20 PDT

Next message: Jeremy Miller: "Re: Secure popen"

Previous message: Aaron Bentley: "Re: Secure popen"
In reply to: Aaron Bentley: "Secure popen"
Next in thread: Jeremy Miller: "Re: Secure popen"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Aaron Bentley wrote:

> I'm writing a CGI program in C++ that sends email.  I'm using Sendmail
> for the transmission, so I need a command that lets me specify stdin for
> Sendmail.
> I understand popen() is not very secure, because it uses the shell to
> execute the command, but I don't know of a safe alternative.  I can
> sanitize my input, but is escaping all non-alphanumeric characters the
> right answer?

pipe(2)
dup2(2)
stdin(4)

bye,
Slawek

Next message: Jeremy Miller: "Re: Secure popen"
Previous message: Aaron Bentley: "Re: Secure popen"
In reply to: Aaron Bentley: "Secure popen"
Next in thread: Jeremy Miller: "Re: Secure popen"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Jun 19 2001 - 16:54:49 PDT