Enlightenment CVS committal
Author : xcomputerman
Project : e17
Module : apps/entrance
Dir : e17/apps/entrance/src/client
Modified Files:
entrance_session.c entrance_session.h
Log Message:
Use of system() introduces potential security vulnerability. Please modify
code locally if execl() is giving you problems. :)
===================================================================
RCS file: /cvsroot/enlightenment/e17/apps/entrance/src/client/entrance_session.c,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -3 -r1.22 -r1.23
--- entrance_session.c 27 Nov 2003 03:26:57 -0000 1.22
+++ entrance_session.c 23 Dec 2003 01:18:05 -0000 1.23
@@ -275,8 +275,8 @@
syslog(LOG_CRIT, "Unable to set user id.");
entrance_auth_free(e->auth); /* clear users's password out of memory */
-// execl("/bin/sh", "/bin/sh", "-c", buf, NULL);
- system(buf);
+ execl("/bin/sh", "/bin/sh", "-c", buf, NULL);
+/* system(buf); */
ecore_x_shutdown();
ecore_shutdown();
exit(0);
===================================================================
RCS file: /cvsroot/enlightenment/e17/apps/entrance/src/client/entrance_session.h,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -3 -r1.8 -r1.9
--- entrance_session.h 31 Oct 2003 04:39:52 -0000 1.8
+++ entrance_session.h 23 Dec 2003 01:18:05 -0000 1.9
@@ -4,7 +4,6 @@
#include<Edje.h>
#include<Evas.h>
#include<Ecore.h>
-#include<Ecore_X.h>
#include<Ecore_Evas.h>
#include<stdio.h>
#include<limits.h>
-------------------------------------------------------
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills. Sign up for IBM's
Free Linux Tutorials. Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
_______________________________________________
enlightenment-cvs mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/enlightenment-cvs
