On Tue, 19 Jun 2001, Aaron Bentley wrote: > I understand popen() is not very secure, because it uses the shell to > execute the command, but I don't know of a safe alternative. If possible, you should open the file descriptors yourself and execute the program directly. That will also save you the overhead of invoking a shell. In unix terms this would be pipe() to get a pair of connected file descriptors, fork() a new process close() the pipe input descriptor in the child and the output descriptor in the parent execve() or similar to have the child run sendmail with the desired options then send the message to sendmail through the pipe. Kai
This archive was generated by hypermail 2b30 : Tue Jun 19 2001 - 20:26:31 PDT