system() & user input
Andrew V. Samoilov
kai at cmail.ru
Mon Sep 9 11:40:35 UTC 2002
Pavel Tsekov wrote:
> On Fri, 6 Sep 2002, Andrew V. Samoilov wrote:
>
>
>>There are some places in biultin editor, where systen() is called with
>>unchecked user input.
>>
>>For example pipe_mail(), edit_sort_cmd() and edit_block_process_cmd() in
>>edit/editcmd.c, but user input is not checked. It will be nice to use
>>mc_doubleopen() there to prevent possible security and data loss issue
>>there.
>
>
> Do you refer to mc_doublepopen () ? If this is the case - what possible
> problems would it solve ? Btw mc_doublepopen () is a pretty expensive
> operation (2 forks) and should be replaced by some other mechanism.
There are some user unchecked and unquoted input there
(subject, to and copy in the pipe_mail(), sort option in the
edit_sort_cmd() and filename itself in the edit_block_process()).
I don't like to see bug report about something like 'I formatted file
`echo rm -rf /*`.c and I loss my system after it' or so on. It seems we
need to quote such user input or use fork()+execvpe() for such cases.
>
> I was going to take a look at this but right now I have some important
> task before I can go back to MC.
>
> Pavel Tsekov
More information about the mc-devel
mailing list