On 2019/03/06 22:20, Theo de Raadt wrote: > I'm not sure why this matters. > > Fundamentally system is fork+exec via a shell. So you write it as > minimal fork+exec. > > What is the particular benefit you see here, is it security -- and if > so, what is the security benefit? Have you identified a quoting problem? > Can you pinpoint the issue and explain it please?
> > I had sent a similar patch a while back. There seemed to me some > > interest, but it was never comitted. Updated to apply to -current. At the time of the first version of this diff there was a quoting problem (and a "passwords showing in ps(1)" problem) but it was fixed differently in ikeca.c:1.46
