Re: Secure popen

From: KuroiNeko (evpopkovat_private)
Date: Thu Jun 21 2001 - 11:16:49 PDT

Next message: KuroiNeko: "Re: Secure popen"

Previous message: KuroiNeko: "Re: Secure popen"
In reply to: Peter Jeremy: "Re: Secure popen"
Next in thread: Aaron Bentley: "Re: Secure popen"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> popen(3) effectively does "/bin/sh -c 'popen_argment'". If your
> program checks the environment passed to the shell, then popen(3)
> with a hard-wired argument is safe. If the user can control the
> environment that /bin/sh gets, then all bets are off.

 That's it. If you have

#define POPEN_ARGUMENT "/usr/sbin/sendmail"

 then  you should  be safe.  However,  it won't  hurt to  totally drop  the
environment after  you've processed  its CGI part.  Again, shell  won't see
user's input, whatever nasty stuff he could've entered there.


--

 鳴く猫は鼠を捕らぬ

Next message: KuroiNeko: "Re: Secure popen"
Previous message: KuroiNeko: "Re: Secure popen"
In reply to: Peter Jeremy: "Re: Secure popen"
Next in thread: Aaron Bentley: "Re: Secure popen"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Jun 21 2001 - 20:24:04 PDT