Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.2 9/18/84; site lsuc.UUCP
Path: utzoo!lsuc!dave
From: dave@lsuc.UUCP (David Sherman)
Newsgroups: net.unix-wizards
Subject: Re: Safe version of system(3) call.
Message-ID: <623@lsuc.UUCP>
Date: Fri, 26-Apr-85 09:59:18 EST
Article-I.D.: lsuc.623
Posted: Fri Apr 26 09:59:18 1985
Date-Received: Fri, 26-Apr-85 12:32:51 EST
References: <178@geowhiz.UUCP>
Reply-To: dave@lsuc.UUCP (David Sherman)
Distribution: net
Organization: Law Society of Upper Canada, Toronto
Lines: 34
Summary: if fork fails, this will infinite-loop

In article <178@geowhiz.UUCP> karsh@geowhiz.UUCP (Bruce Karsh) writes:
||safesystem(string)
||char *string;
||{
||int status,pid;
||pid=fork();
||if(pid == 0)
||  {
||  setuid(getuid());
||  system(string);
||  }
||else
||  {
||  while (wait(&status) != pid) ;
||  }
||}

Looks OK to me, although while you're at it you should check
the SHELL environment variable, so someone who gets put into an
application when they sign on can't escape therefrom to the shell.

Also, if the fork() call fails and returns -1, the wait will
always return -1, and you'll loop forever. Not that most
UNIX programs are a heck of a lot more graceful in handling
fork failures, but at least they recognize it.

For that matter, the extra fork is unnecessary overhead. Copy
the system code (or invent it if you don't have source - it's
pretty simple), implement it in safesystem, and save a fork.

Dave Sherman
The Law Society of Upper Canada
-- 
{  ihnp4!utzoo  pesnta  utcs  hcr  decvax!utcsri  }  !lsuc!dave