Re: Secure popen

From: Kai Schulte (kaiat_private-essen.de)
Date: Tue Jun 19 2001 - 16:35:41 PDT

  • Next message: Christian Recktenwald: "Re: Secure popen"

    On Tue, 19 Jun 2001, Aaron Bentley wrote:
    
    > I understand popen() is not very secure, because it uses the shell to
    > execute the command, but I don't know of a safe alternative.
    
    If possible, you should open the file descriptors yourself and
    execute the program directly.  That will also save you the overhead
    of invoking a shell. In unix terms this would be
    
    pipe() to get a pair of connected file descriptors,
    fork() a new process
    close() the pipe input descriptor in the child and the output descriptor
         in the parent
    execve() or similar to have the child run sendmail with the desired
         options
    then send the message to sendmail through the pipe.
    
    Kai
    



    This archive was generated by hypermail 2b30 : Tue Jun 19 2001 - 20:26:31 PDT