Date: Wed, 13 Jun 2007 18:25:59 +0200 From: Joerg Sonnenberger <joerg@britannica.bec.de> To: freebsd-hackers@freebsd.org, hackers@freebsd.org Subject: Re: Using shell commands versus C equivalents Message-ID: <20070613162559.GA5093@britannica.bec.de> In-Reply-To: <20070613161552.GA83292@keira.kiwi-computer.com> References: <466F86C6.7010006@u.washington.edu> <20070613123213.GE98927@bunrab.catwhisker.org> <E1HySxb-000PIg-89@cs1.cs.huji.ac.il> <46700CAE.6020902@u.washington.edu> <20070613161552.GA83292@keira.kiwi-computer.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Jun 13, 2007 at 11:15:52AM -0500, Rick C. Petty wrote: > Another improvement made by using stat(2)/chmod(2) over chmod(1) using > system(3) variants is the protection against malicious filenames. The > original code should have used fork/execv instead anyway. To be precise, this case should use open/fstat/fchmod to avoid another bunch of race conditions. Joerg
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070613162559.GA5093>