Safe version of system(3) call.
Bruce Karsh
karsh at geowhiz.UUCP
Sun Apr 21 11:44:12 AEST 1985
If you call the system(3) service from a program that is
setuid'ed to root, the argument of the call runs with root
privleges. I wrote a protected version of system(3) that
I think is secure, and does what you would expect. Is this
really secure, does it really do what one would expect, and
is this really the best way to do it? I'd appreciate any
comments.
For the record, we are running System III on a Masscomp.
It would be nice if this routine didn't care which flavor
of UN*X it ran on.
safesystem(string)
char *string;
{
int status,pid;
pid=fork();
if(pid == 0)
{
setuid(getuid());
system(string);
}
else
{
while (wait(&status) != pid) ;
}
}
--
Bruce Karsh |
U. Wisc. Dept. Geology and Geophysics |
1215 W Dayton, Madison, WI 53706 | This space for rent.
(608) 262-1697 |
{ihnp4,seismo}!uwvax!geowhiz!karsh |
More information about the Comp.unix.wizards
mailing list