Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!sdd.hp.com!elroy.jpl.nasa.gov!decwrl!sgi!vjs@rhyolite.wpd.sgi.com
From: vjs@rhyolite.wpd.sgi.com (Vernon Schryver)
Newsgroups: comp.sys.sgi
Subject: Re: Starting up another process from within a C program
Message-ID: <74620@sgi.sgi.com>
Date: 9 Nov 90 18:54:41 GMT
References: <1990Nov5.124751.14923@jarvis.csri.toronto.edu> <55759@brunix.UUCP>
Sender: guest@sgi.sgi.com
Organization: Silicon Graphics, Inc., Mountain View, CA
Lines: 19

In article <55759@brunix.UUCP>, sgf@cs.brown.edu (Sam Fulcomer) writes:
> In article <1990Nov7.155855.16316@odin.corp.sgi.com> jmb@patton.wpd.sgi.com (Doctor Software) writes:
> >...
> >Now you understand why I like to use popen()/pclose().
> >...
>
> Bear in mind that one of the things that makes popen more convenient is
> its use of /bin/sh to exec the command. It's not always the most secure
> method.

Elaboration:

Never use popen() in a set-uid program for any UNIX system, unless you
understand the hole, and have done something about it.

(If you just want to open a hole, create a suid copy of your favorite
shell--it's easier to use.)

vjs