tech-userlevel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: [PATCH] Fix system() behaviour when parameter is NULL



On Thu, Aug 28, 2008 at 9:15 PM, mouss <mouss%netoyen.net@localhost> wrote:
> Is using access() a "clean" way? access(2) says:
> "access() is a potential security hole and should never be used."
> I understand "never" as never ;-p
strtok(), f.e., says the same.
But system() itself is a security hole.

And what are you propose?

-- 
With Best Regards,
Andy Shevchenko


Home | Main Index | Thread Index | Old Index