> popen(3) effectively does "/bin/sh -c 'popen_argument'". If your
> program checks the environment passed to the shell, then popen(3)
> with a hard-wired argument is safe. If the user can control the
> environment that /bin/sh gets, then all bets are off.

That's it. If you have

    #define POPEN_ARGUMENT "/usr/sbin/sendmail"

then you should be safe. However, it won't hurt to totally drop the environment after you've processed its CGI part. Again, the shell won't see the user's input, whatever nasty stuff he could've entered there.

--
A mewing cat catches no mice.
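The approach described in the message above, as an added example that is not part of the original post: save the CGI value, drop the inherited environment, then call popen(3) only with hard-wired strings. The function names, the DEMO_TAINT variable, the PATH value and the `-t` flag on sendmail are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
extern char **environ;

/* Hard-wired popen() arguments: user input is never pasted into them. */
#define POPEN_ARGUMENT "/usr/sbin/sendmail -t"              /* -t is an assumption */
#define PROBE_ARGUMENT "echo \"${DEMO_TAINT-unset}|$PATH\"" /* constructed probe */
static char *empty_env[] = { NULL };

/* Save the CGI value we need, drop every inherited variable, set known PATH/IFS. */
int scrub_environment(char *query, size_t qlen)
{
    const char *q = getenv("QUERY_STRING");
    snprintf(query, qlen, "%s", q ? q : "");   /* copy before the old env goes away */
    environ = empty_env;
    if (setenv("PATH", "/usr/bin:/bin", 1) != 0) return -1;
    return setenv("IFS", " \t\n", 1);
}

/* Run the fixed probe through popen() and return what /bin/sh saw. */
int shell_view(char *out, size_t outlen)
{
    FILE *p = popen(PROBE_ARGUMENT, "r");
    if (p == NULL) return -1;
    if (fgets(out, (int)outlen, p) == NULL) out[0] = '\0';
    out[strcspn(out, "\n")] = '\0';
    return pclose(p) == 0 ? 0 : -1;
}

/* User-supplied text goes to the child's stdin, never to the shell. */
int send_mail(const char *message)
{
    FILE *p = popen(POPEN_ARGUMENT, "w");
    if (p == NULL) return -1;
    fputs(message, p);
    return pclose(p) == 0 ? 0 : -1;
}

int main(void)
{
    char query[256], seen[256];
    setenv("QUERY_STRING", "to=alice", 1);      /* constructed CGI input */
    setenv("DEMO_TAINT", "attacker-chosen", 1); /* constructed hostile variable */
    if (scrub_environment(query, sizeof query) != 0 ||
        shell_view(seen, sizeof seen) != 0) return 1;
    printf("query=%s, shell saw: %s\n", query, seen);
    return 0;
}
```

`send_mail()` is not called from `main()` so the demonstration runs on hosts without sendmail installed.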