Quote:
Originally Posted by raj010
system command will be executed in bash.....i don't want to use bash shell
|
OK, then exec the program you want directly (actually fork()/exec() the program you want) without calling the shell. Yes, for many purposes, using bash is a bad idea, certainly not using it is way more secure..you don't want to run their profile with your root authority for example.. In order to be sure, you clear the environment (after the fork, in the child) and exec the program you want using the complete path name.
Remember that in Unix, you have to do all substitution that the shell would otherwise do. So you would want (pseudocode, use your own man pages)..
pid_t child;
if((child=fork())== 0) { // in child
// in a loop close everything but fd 0,1,2.
http://www.linuxquestions.org/questi...iptors-571188/
execle("/path/mke2fs", "mke2fs","/dev/partition",NULL, NULL); // Second null is environment
perror("whoops, exec of mke2fs failed");
exit(1);
}
if(child == -1) {
perror("fork failed");
exit(1);
}
waitpid(child,.......);
And so forth. That allows you to call another program without using bash, more or less, for security reasons. Of course, you should be sure that you are calling from the system library. You might consider checking the ownership of the program you want to exec to increase the chance it is not a trojan.