Re: Secure popen

From: Christian Recktenwald (secprog-distat_private)
Date: Tue Jun 19 2001 - 16:00:06 PDT

  • Next message: Antonomasia: "Re: Secure popen"

    On Tue, Jun 19, 2001 at 10:03:56AM -0400, Aaron Bentley wrote:
    > I'm writing a CGI program in C++ that sends email.  I'm using Sendmail
    > for the transmission, so I need a command that lets me specify stdin for
    > Sendmail.
    > I understand popen() is not very secure, because it uses the shell to
    > execute the command, but I don't know of a safe alternative.
    
    in short:
    	pipe(2),   which gives you two filehandles for reading and writing
    	fork(2) and exec..(2)  to securely start a new child
    	and some I/O redirection to connect the child's stdin/stdout/stderr
    	to the filehandles archived by pipe(2)
    
    HTH, Chris
    
    -- 
    Christian Recktenwald      :                         :
    citecs GmbH                : chris at citecs dot de  :
    Unternehmensberatung fuer  : voice +49 711 601 2090  : Burgstallstrasse 54
    EDV und Telekommunikation  : fax   +49 711 601 2092  : D-70199 Stuttgart
    



    This archive was generated by hypermail 2b30 : Tue Jun 19 2001 - 20:28:09 PDT