Pavel Tsekov wrote: > On Fri, 6 Sep 2002, Andrew V. Samoilov wrote: > > >>There are some places in biultin editor, where systen() is called with >>unchecked user input. >> >>For example pipe_mail(), edit_sort_cmd() and edit_block_process_cmd() in >>edit/editcmd.c, but user input is not checked. It will be nice to use >>mc_doubleopen() there to prevent possible security and data loss issue >>there. > > > Do you refer to mc_doublepopen () ? If this is the case - what possible > problems would it solve ? Btw mc_doublepopen () is a pretty expensive > operation (2 forks) and should be replaced by some other mechanism.
There are some user unchecked and unquoted input there (subject, to and copy in the pipe_mail(), sort option in the edit_sort_cmd() and filename itself in the edit_block_process()). I don't like to see bug report about something like 'I formatted file `echo rm -rf /*`.c and I loss my system after it' or so on. It seems we need to quote such user input or use fork()+execvpe() for such cases. > > I was going to take a look at this but right now I have some important > task before I can go back to MC. > > Pavel Tsekov _______________________________________________ Mc-devel mailing list [EMAIL PROTECTED] http://mail.gnome.org/mailman/listinfo/mc-devel
