Quote:
Originally Posted by dminican_slax
I feel like I have to reply to everyone but that'd make the thread too long.
Just post a new version of your code I suppose.
Quote:
Originally Posted by dminican_slax
I don't know a lot about system() and its security implications,
The main security implications aren’t necessarily in the way you’re using system. You’re passing string literals, so some of the problems are addressed. Security issues manifest themselves mostly when you try to craft a string or take it from the user and execute that. For example:
Code:
#include <stdlib.h>
#include <stdio.h>

int main(int argc, char **argv) {
    char cmd[1024];
    /* argv[1] is spliced into a shell command line unescaped; the shell
       then parses whatever the user put there (see the run below) */
    snprintf(cmd, sizeof cmd,
             "/bin/echo 'Hello, %s'",
             argc < 2 ? "World" : argv[1]);
    system(cmd);
    return 0;
}
Code:
$ ./a
Hello, World
$ ./a 'Jane Doe'
Hello, Jane Doe
$ ./a "Foo'; echo Executing evil command'"
Hello, Foo
Executing evil command
This particular issue can be fixed by using exec*, which lets you pass arguments to the command directly (but remember that exec essentially ‘terminates’ the process that calls it, so it’s not a drop-in replacement for system; to do what system does, the process first needs to fork):
Code:
#include <stdio.h>
#include <unistd.h>

int main(int argc, char **argv) {
    char greeting[1024];
    snprintf(greeting, sizeof greeting,
             "Hello, %s", argc < 2 ? "World" : argv[1]);
    /* greeting is handed to echo as a single argv entry; no shell is
       involved, so nothing in it is interpreted */
    execl("/bin/echo", "/bin/echo", greeting, (char *)0);
    return 1;  /* only reached if execl fails */
}
Code:
$ ./a "Foo'; echo executing evil command'"
Hello, Foo'; echo executing evil command'
There are some other attack vectors; not all of them are addressed by exec* functions. There are also of course some performance considerations which make system undesirable.
In your code one other issue is that you’re not quoting variables in the system commands, e.g. you should be using system("echo \"$SHELL\""); and same for other commands which print environment variables.
Speaking of environment variables though, there’s a getenv function which returns the value of an environment variable if it’s set, so you might prefer using that to system.
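The two suggestions above (fork before exec to get a shell-free replacement for system, and read environment variables with getenv instead of shelling out) put together in one added example. This is not code from the thread; run_argv and getenv_or are hypothetical helper names, and the sample input in main is the same constructed string the injection run above used, here passed as one argument word that no shell ever parses.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Run a program given as an argv vector without a shell: fork, exec in
 * the child, wait in the parent. Returns the child's exit status
 * (0..255), 127 if exec failed, or -1 if fork/wait failed or the child
 * was killed by a signal. Hypothetical helper, not from the thread. */
int run_argv(char *const argv[]) {
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        /* child: replace the process image; argv goes straight to the
           program, so quotes or semicolons in it are plain characters */
        execv(argv[0], argv);
        _exit(127);  /* only reached if execv fails */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    if (WIFEXITED(status))
        return WEXITSTATUS(status);
    return -1;
}

/* Value of an environment variable, or a fallback if it is unset;
 * replaces system("echo \"$NAME\"") for printing variables. */
const char *getenv_or(const char *name, const char *fallback) {
    const char *v = getenv(name);
    return v ? v : fallback;
}

int main(int argc, char **argv) {
    char greeting[1024];
    /* constructed sample input mirroring the thread's injection attempt */
    const char *who = argc < 2 ? "Foo'; echo executing evil command'" : argv[1];
    snprintf(greeting, sizeof greeting, "Hello, %s", who);

    char *const cmd[] = {"/bin/echo", greeting, NULL};
    int rc = run_argv(cmd);          /* prints the whole string literally */
    printf("echo exited with %d\n", rc);
    printf("SHELL=%s\n", getenv_or("SHELL", "(unset)"));
    return rc == 0 ? 0 : 1;
}
```

run_argv behaves like system for the caller (the parent keeps running and gets an exit status back) but skips /bin/sh entirely, which is what removes the injection; the price is that you have to split the command into argv words yourself rather than writing one string.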