I believe you are confusing the execve(2) function with the system(3) function. There is no Unix "exec" (there is a shell builtin called exec).
system() calls the shell (sh -c) to execute the command line given, and is not very safe. It is vulnerable to similar tricks as you described above.
execve() and the exec(3) family of calls (like execv() and execl()) are generally immune to stupid shell tricks (unless you explicitly call a shell program), and can be made safe with a little care.
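The difference the post describes, as an added C example (not code from the original post): the same attacker-controlled string is passed once through system(3), where sh -c parses the ';' and runs a second command, and once through fork()+execv(2), where the string is delivered to the program as a single argument with no shell in between. The tainted input, the choice of /bin/true as the target program and the "--" separator are assumptions for illustration.

```c
/* Added example: system(3) vs execv(2) with the same tainted argument.
 * Build with: cc -Wall -o demo demo.c */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/wait.h>

/* Constructed sample input: a "filename" that smuggles a second command. */
static const char *TAINTED = "report.txt; exit 7";

/* Normalise a wait status into the child's exit code, or -1 on failure. */
static int exit_code(int status)
{
    if (status == -1)
        return -1;
    if (WIFEXITED(status))
        return WEXITSTATUS(status);
    return -1;
}

/* Unsafe: glue a command line together and hand it to sh -c via system(3).
 * The ';' in the argument ends the "true" command and the shell then runs
 * "exit 7", so the caller sees exit status 7. */
int run_via_system(const char *arg)
{
    char cmd[512];
    if (snprintf(cmd, sizeof cmd, "/bin/true %s", arg) >= (int)sizeof cmd)
        return -1;                          /* refuse to truncate */
    return exit_code(system(cmd));
}

/* Safe: fork and execv(2) with an explicit argv and an absolute path
 * (assumed: /bin/true exists). No shell is involved, so the whole string
 * becomes one argument and ';' is just a byte inside it. */
int run_via_execv(const char *arg)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        /* The "little care": "--" stops the program from treating an
         * argument that starts with '-' as an option. */
        char *const argv[] = { "true", "--", (char *)arg, NULL };
        execv("/bin/true", argv);
        _exit(127);                         /* only reached if execv failed */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return exit_code(status);
}

int main(void)
{
    printf("system(): exit %d\n", run_via_system(TAINTED));  /* prints 7: injected */
    printf("execv():  exit %d\n", run_via_execv(TAINTED));   /* prints 0: harmless */
    return 0;
}
```

The exit status is used as the observable: with system() the injected "exit 7" wins, while with execv() /bin/true never sees a shell and returns 0. The same pattern (explicit path, explicit argv, "--" before untrusted arguments) is what makes the exec family safe in practice.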