[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: system() & user input

From: "Andrew V. Samoilov" <kai cmail ru>
To: Pavel Tsekov <ptsekov gmx net>
Cc: Pavel Roskin <proski gnu org>, mc-devel gnome org
Subject: Re: system() & user input
Date: Mon, 09 Sep 2002 14:40:35 +0300

Pavel Tsekov wrote:

On Fri, 6 Sep 2002, Andrew V. Samoilov wrote:
There are some places in biultin editor, where systen() is called with
unchecked user input.
For example pipe_mail(), edit_sort_cmd() and edit_block_process_cmd() inedit/editcmd.c, but user input is not checked. It will be nice to usemc_doubleopen() there to prevent possible security and data loss issuethere.
Do you refer to mc_doublepopen () ? If this is the case - what possibleproblems would it solve ? Btw mc_doublepopen () is a pretty expensiveoperation (2 forks) and should be replaced by some other mechanism.


There are some user unchecked and unquoted input there

(subject, to and copy in the pipe_mail(), sort option in theedit_sort_cmd() and filename itself in the edit_block_process()).I don't like to see bug report about something like 'I formatted file`echo rm -rf /*`.c and I loss my system after it' or so on. It seems weneed to quote such user input or use fork()+execvpe() for such cases.

I was going to take a look at this but right now I have some importanttask before I can go back to MC.
Pavel Tsekov

Follow-Ups:
- Re: system() & user input
  - From: Pavel Roskin

References:
- Re: system() & user input
  - From: Pavel Tsekov

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]