On 2001-Jun-20 06:14:59 -0700, SBNelsonat_private wrote: >Please help me understand. What would be wrong with using popen(2) with >"/usr/lib/sendmail -oi -t" and passing the to/subject lines via input to >sendmail? Is there something wrong with popen itself? popen(3) effectively does "/bin/sh -c 'popen_argment'". If your program checks the environment passed to the shell, then popen(3) with a hard-wired argument is safe. If the user can control the environment that /bin/sh gets, then all bets are off. For the above string, consider the impact of IFS=/ in the environment. Peter
This archive was generated by hypermail 2b30 : Thu Jun 21 2001 - 08:43:14 PDT