Date: Sat, 26 Jan 2002 09:40:08 -0800 (PST) From: Giorgos Keramidas <keramida@freebsd.org> To: freebsd-bugs@FreeBSD.org Subject: Re: misc/34270: man -k could be used to execute any command. Message-ID: <200201261740.g0QHe8r07531@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR misc/34270; it has been noted by GNATS. From: Giorgos Keramidas <keramida@freebsd.org> To: "Crist J. Clark" <cjc@freebsd.org> Cc: bug-followup@freebsd.org Subject: Re: misc/34270: man -k could be used to execute any command. Date: Sat, 26 Jan 2002 18:18:17 +0200 (EET) Crist J. Clark wrote: > Since they can only execute commands with their own privileges. > > But this is still not a Good Thing. system(3) bad. system(3) very, > very bad. It should probably be turned into an execvp(2). Agreed. I don't like system() at all either. The gnu/usr.bin/man source though seems to use it in more than a few places. I'll try replacing system() with execlp() or execvp() tonight in all of gnu/usr.bin/man/. - Giorgos To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200201261740.g0QHe8r07531>