Hi all, I have some Mason code which, at certain points, runs an external program via "system". Sometimes, the input provided by the user via a web page is used as input to the external program.
Is this safe? If not, does anyone have any advice on what I should do to ensure this is secure? For example, I was just suggested by someone that if any user input is passed directly to the external program, it better not allow the semi-colon or else someone could just add ";ls". So, this type of suggestion...anything else I should look out for? Thank you! Ray ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Mason-users mailing list Mason-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/mason-users
