Re: system() & user input
- From: Pavel Roskin <proski gnu org>
- To: "Andrew V. Samoilov" <kai cmail ru>
- Cc: Pavel Tsekov <ptsekov gmx net>, <mc-devel gnome org>
- Subject: Re: system() & user input
- Date: Mon, 9 Sep 2002 12:24:06 -0400 (EDT)
Hello!
> There are some user unchecked and unquoted input there
> (subject, to and copy in the pipe_mail(), sort option in the
> edit_sort_cmd() and filename itself in the edit_block_process()).
> I don't like to see bug report about something like 'I formatted file
> `echo rm -rf /*`.c and I loss my system after it' or so on. It seems we
> need to quote such user input or use fork()+execvpe() for such cases.
You are right, we should not use system() unless the user expects the
shell to interpret the commands, which is not the case in either of those
functions.
I don't think those bugs can be actually exploited, but writing quoted
"some_command; rm -rf /" in the subject of e-mail can be a problem, and it
can really happen.
I actually don't understrand the reason why mc_doublepopen() uses two
forks. The comment doesn't say anything about it. I'd like to see more
unified approach to running external programs.
--
Regards,
Pavel Roskin
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]