[816] in WWW Security List Archive
Re: "Safe CGI" document
daemon@ATHENA.MIT.EDU (Alec Muffett)
Fri Aug 4 14:52:38 1995
From: Alec.Muffett@UK.Sun.COM (Alec Muffett)
To: lstein@genome.wi.mit.edu (Lincoln D. Stein)
Date: Fri, 4 Aug 1995 16:38:40 +0100 (BST)
Cc: www-managers@lists.stanford.edu, www-security@ns2.rutgers.edu
In-Reply-To: <ac47e3aa010210036b2c@[18.157.0.189]> from "Lincoln D. Stein" at Aug 4, 95 09:53:20 am
Errors-To: owner-www-security@ns2.rutgers.edu

>I'd like to add another perl "pearl" to the CGI security document. There
>is a little-documented feature in perl's system() and exec() function which
>allows you to invoke external programs (sendmail for instance) without
>going through a shell.

I agree wholeheartedly - the perl implementation of "exec" is
beautiful, and (when used properly) is an excellent lever to launch
other processes securely.

>If you pass exec() and system() an array consisting of each of the command
>line arguments, then perl bypasses the shell and calls the program
>directly. Any shell metacharacters present in the arguments are passed to
>the program uninterpreted.

Moreover, you can (even less well known) supply a custom value of
argv[0] to the exec'ed process, by overloading the first element of
the list, e.g.:
exec {"/bin/csh"} "-csh" or die "$0: exec: shell csh: $!\n";
 /---^^^^^^^^^^^^^^^^^^^
 |
 \- no commas, no nothing, will launch a bourne shell with the "-csh"
    argv[0] required for ".login" processing.
- alec
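
Added example, not part of the original messages: a short Perl script that runs the single-string form of system() beside the list form and the indirect-object form discussed in this thread. The form-field value is constructed sample input, and `echo` and `/bin/sh` are stand-ins for the real external program (sendmail in the quoted text).

```perl
#!/usr/bin/perl
use strict;
use warnings;

$| = 1;    # flush our own output before each child writes

# Constructed sample input standing in for a CGI form field.
my $field = 'user@example.com; echo SHELL-RAN-THIS';

# 1. Single-string form: perl finds shell metacharacters in the string and
#    hands it to /bin/sh -c, so the ';' splits it into two commands.
print "string form:\n";
system("echo mail to $field");

# 2. List form: perl calls the program directly, without a shell.
#    The whole field arrives as one argument and ';' is just a character.
print "list form:\n";
system('echo', 'mail to', $field) == 0
    or die "$0: system: echo failed: $?\n";

# 3. A list that happens to hold one element is treated like the string
#    form again. The indirect-object (block) form never uses a shell, so
#    perl looks for a program literally named "echo hello; echo ..." and
#    system() returns -1 (perl also warns "Can't exec" on stderr).
my @cmd = ('echo hello; echo SHELL-RAN-THIS');
print "one-element list, block form:\n";
my $rc = system { $cmd[0] } @cmd;
print "  not run, system() returned $rc\n" if $rc == -1;

# 4. The same block form sets argv[0] independently of the program path:
#    the block names the file to execute, the first list element is what
#    the child sees as its own name.
print "custom argv[0]:\n";
system { '/bin/sh' } 'renamed-sh', '-c', 'echo "child sees argv[0] = $0"';
```

Only the first call prints `SHELL-RAN-THIS` on a line of its own; in the list form the text appears solely as part of the echoed argument.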