Hello! > There are some user unchecked and unquoted input there > (subject, to and copy in the pipe_mail(), sort option in the > edit_sort_cmd() and filename itself in the edit_block_process()). > I don't like to see bug report about something like 'I formatted file > `echo rm -rf /*`.c and I loss my system after it' or so on. It seems we > need to quote such user input or use fork()+execvpe() for such cases.
You are right, we should not use system() unless the user expects the shell to interpret the commands, which is not the case in either of those functions. I don't think those bugs can be actually exploited, but writing quoted "some_command; rm -rf /" in the subject of e-mail can be a problem, and it can really happen. I actually don't understrand the reason why mc_doublepopen() uses two forks. The comment doesn't say anything about it. I'd like to see more unified approach to running external programs. -- Regards, Pavel Roskin _______________________________________________ Mc-devel mailing list [EMAIL PROTECTED] http://mail.gnome.org/mailman/listinfo/mc-devel