Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 25 Jul 2015 00:21:29 +0000 (UTC)
From:      Xin LI <delphij@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r285864 - head/lib/libc/stdlib
Message-ID:  <201507250021.t6P0LT7Z013878@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: delphij
Date: Sat Jul 25 00:21:29 2015
New Revision: 285864
URL: https://svnweb.freebsd.org/changeset/base/285864

Log:
  Document the fact that system(3) can easily be misused due to shell meta
  characters are honored.  While I'm there also mention posix_spawn in the
  SEE ALSO section.
  
  MFC after:	2 weeks

Modified:
  head/lib/libc/stdlib/system.3

Modified: head/lib/libc/stdlib/system.3
==============================================================================
--- head/lib/libc/stdlib/system.3	Sat Jul 25 00:14:02 2015	(r285863)
+++ head/lib/libc/stdlib/system.3	Sat Jul 25 00:21:29 2015	(r285864)
@@ -32,7 +32,7 @@
 .\"     @(#)system.3	8.1 (Berkeley) 6/4/93
 .\" $FreeBSD$
 .\"
-.Dd June 4, 1993
+.Dd July 25, 2015
 .Dt SYSTEM 3
 .Os
 .Sh NAME
@@ -87,7 +87,8 @@ failed.
 .Xr execve 2 ,
 .Xr fork 2 ,
 .Xr waitpid 2 ,
-.Xr popen 3
+.Xr popen 3 ,
+.Xr posix_spawn 3
 .Sh STANDARDS
 The
 .Fn system
@@ -97,3 +98,14 @@ conforms to
 and is expected to be
 .St -p1003.2
 compatible.
+.Sh SECURITY CONSIDERATIONS
+The
+.Fn system
+function is easily misused in a manner that enables a malicious
+user to run arbitrary command,
+because all meta-characters supported by
+.Xr sh 1
+would be honored.
+User supplied parameters should always be carefully santized
+before they appear in
+.Fa string.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201507250021.t6P0LT7Z013878>