Casper.Dik at Sun.COM wrote:
>
> >Casper.Dik at sun.com wrote:
> >
> >> > If not used carefully, the system(3C) function may be responsible for
> >> > the following security concerns:
> >> >
> >> > + Execution of the command is affected by the PATH, IFS and other
> >> > environment variables.
> >>
> >> None of our current shells evaluates the IFS environment variable.
> >
> >The Bourne Shell (bin/sh) does.
> >
>
> Not in Solaris; it was fixed before Solaris 7 (bug 4077929)

Why do you believe this?

sh/name.c:

    struct namnod ifsnod =
    {
            &homenod,
            &mailnod,
            (unsigned char *)ifsname
    };

    ...
            /*
             * strip leading IFS characters
             */
            for (;;)
            {
                    d = nextwc();
                    if(eolchar(d))
                            break;
                    rest = readw(d);
                    pc = c;
                    while ((*pc++ = *rest++) != '\0');
                    if(!anys(c, ifsnod.namval))     <---------
                            break;
            }

Or did you rather mean "system()" from Solaris than "our current shells"?

Jörg

--
 EMail:joerg at schily.isdn.cs.tu-berlin.de (home) Jörg Schilling D-13353 Berlin
       js at cs.tu-berlin.de                (uni)
       joerg.schilling at fokus.fraunhofer.de (work) Blog: http://schily.blogspot.com/
 URL:  http://cdrecord.berlios.de/private/ ftp://ftp.berlios.de/pub/schily
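
The question argued above, whether a given shell takes IFS from its environment at startup, can be checked directly on a system. The following script is an added example and not part of the original message; the function names ifs_probe and report_shell and the list of shell paths are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: probe whether a shell imports IFS from its environment.
# ifs_probe and report_shell are names made up for this example.

# Run the given shell with IFS=: exported and count the fields that the
# unquoted expansion of "a:b" produces inside it.
#   return 0 -> 2 fields: IFS was taken from the environment
#   return 1 -> 1 field:  the shell reset IFS to its default at startup
#   return 2 -> shell missing or unexpected output
ifs_probe() {
    n=$(
        # Subshell of the command substitution: IFS does not leak out.
        IFS=:; export IFS
        { "$@" -c 'v=a:b; set -- $v; echo $#'; } 2>/dev/null
    ) || n=
    case $n in
        2) return 0 ;;
        1) return 1 ;;
        *) return 2 ;;
    esac
}

# Print a one-line verdict for one shell.
report_shell() {
    rc=0
    ifs_probe "$@" || rc=$?
    case $rc in
        0) echo "$*: imports IFS from the environment" ;;
        1) echo "$*: resets IFS at startup" ;;
        *) echo "$*: could not be probed" ;;
    esac
}

# Candidate paths (assumed; adjust for the system under review).
for s in /bin/sh /usr/bin/ksh /bin/bash /bin/dash; do
    if [ -x "$s" ]; then
        report_shell "$s"
    fi
done
```

A shell reported as importing IFS is one where a caller's environment changes how system() command strings are split, so programs that invoke it should set IFS and PATH explicitly first.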