so who has mkdir and rmdir for system V
jas at rtech.UUCP
jas at rtech.UUCP
Mon Jul 14 08:16:22 AEST 1986
Keywords:
Regarding "idiot proofing" a mkdir library routine: code like this
if ((fp = popen("sh", "w")) == NULL)
return -1;
(void) fputs("mkdir 2>&- '", fp);
is a security problem for setuid-root (or setuid-anybody) programs
that want to call it. "/bin/sh" and "/bin/mkdir" should be specified,
for reasons that should be clear.
Jim Shankland
..!ihnp4!cpsc6a!\
rtech!jas
..!ucbvax!mtxinu!/
More information about the Comp.unix.wizards
mailing list