From: SBNelsonat_private

A>> Ken Arnold published a secure popen() in Unix Review years ago (1994?).
A>> ...
A>> This brings us to your question:
A>>
A>> If you do the pipe()-fork()-exec() thing and call
A>> execl("/usr/lib/sendmail","sendmail","-oi","-t");
A>> you can then pipe in your recipients' names as

S> Please help me understand. What would be wrong with using popen(2) with
S> "/usr/lib/sendmail -oi -t" and passing the to/subject lines via input to
S> sendmail? Is there something wrong with popen itself?

popen() with "/usr/lib/sendmail -oi -t" would be fine in this particular
case (provided the environment was reset - CGI usage being discussed and
I don't know exactly what environment you can pass that way) where the
command line can be chosen as a fixed value.

More generally, where some user input makes it into the command line,
exec*() is preferable as it avoids shells and all their interpretation.
There are such practices as quoting and checking input against a
whitelist, but the simple ways are the most foolproof.

As a performance manual put it: the best compute is no compute and the
best I/O is no I/O.

--
##############################################################
# Antonomasia   ant notatla.demon.co.uk                      #
# See http://www.notatla.demon.co.uk/                        #
##############################################################
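
Added example, not part of the original message: the pipe()-fork()-exec() approach discussed above, written with execve() and a fixed environment so that no shell parses the arguments and nothing is inherited from the CGI request. The helper name pipe_to_program, the PATH value and the sample message are assumptions.

```c
#include <signal.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper: run path with argv, feed it input on stdin and
 * return its exit status (127 if exec failed, -1 on other errors). */
int pipe_to_program(const char *path, char *const argv[], const char *input)
{
    char *const clean_env[] = { "PATH=/usr/bin:/bin", NULL }; /* assumed value */
    int fds[2], status;
    pid_t pid;
    if (pipe(fds) == -1)
        return -1;
    pid = fork();
    if (pid == -1) {
        close(fds[0]); close(fds[1]);
        return -1;
    }
    if (pid == 0) {                     /* child: read end becomes stdin */
        close(fds[1]);
        if (dup2(fds[0], STDIN_FILENO) == -1)
            _exit(127);
        close(fds[0]);
        execve(path, argv, clean_env);  /* argv goes in as-is, no shell */
        _exit(127);                     /* only reached if exec failed */
    }
    close(fds[0]);                      /* parent: write end only */
    void (*old)(int) = signal(SIGPIPE, SIG_IGN); /* child may exit early */
    size_t left = strlen(input);
    while (left > 0) {
        ssize_t n = write(fds[1], input, left);
        if (n <= 0) break;
        input += n; left -= (size_t)n;
    }
    close(fds[1]);                      /* EOF marks the end of the message */
    signal(SIGPIPE, old);
    if (waitpid(pid, &status, 0) == -1)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    char *const argv[] = { "sendmail", "-oi", "-t", NULL };
    const char *msg = "To: user@example.com\nSubject: test\n\nbody\n"; /* constructed */
    return pipe_to_program("/usr/lib/sendmail", argv, msg) == 0 ? EXIT_SUCCESS : EXIT_FAILURE;
}
```

Recipient and subject travel only through the pipe as message headers, so user-supplied text never reaches a command line.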