>>>>> On Tue, 27 Sep 2005 14:50:21 +0200, Thomas Anders <[EMAIL PROTECTED]> >>>>> said:
Thomas> once in a while users report problem with exec/extend and scripts, like Thomas> in recent bug #1178915: Thomas> http://sf.net/support/tracker.php?aid=1178915 Thomas> Wes has closed this one mentioning the workaround/fix of using "exec Thomas> /path/to/shell /path/to/script ...". However, I don't find this Thomas> behaviour documented. Am I missing something? Thomas> What directives (exec/extend/traphandle/...?) and 5.x lines are Thomas> affected? I really think this should be either documented or fixed. It was documented at one point, I'm 99% sure (but I've been wrong about being 99% sure about 99% of the time). Specifically, there used to be 2 directives "exec" and "sh". The difference between them was that exec was calling exec() and shell was calling system(). There have always been a large number of people that felt that exec() was more secure than system() since it was more direct in making you be sure to know what you were doing. IE, system environment, paths, etc didn't possibly convince you to run the "wrong thing". Thus, for security purposes, I implemented both exec and system calls a long long time ago (possibly even pre ucd-snmp). I separated them out so that you could pick and choose between them as your security needs saw fit. exec(), however and intentionally, will not execute shell scripts and must point at a real binary. Thus you had to specify the path to the shell script that you really wanted it to run under (in a similar vein (but not identical) in the way that cron always runs scripts under sh). The "sh" directive, however, would operate like the above. You're right, however, that this behavior should be documented. -- Wes Hardaker Sparta, Inc. ------------------------------------------------------- SF.Net email is sponsored by: Tame your development challenges with Apache's Geronimo App Server. Download it for free - -and be entered to win a 42" plasma tv or your very own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php _______________________________________________ Net-snmp-coders mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
