Zsh Mailing List Archive
Messages sorted by: Reverse Date, Date, Thread, Author

Re: 8-bit patch for zle_tricky.c



In your mail, you said:
[...]
> There's a simple solution to that.  Set IFS before using system.  IMO,
> setuid programs shouldn't be using system(3), but it is possible to do
> it safely.

Of course. But the point I was trying to make is that not only setuid
scripts, but also setuid C programs calling system (and thus unintentionally
invoking sh) can represent security problems. Which is why IFS is used the
way it is in bash/ksh.

-- 
hniksic@xxxxxxx              |  Student of electrical engineering
hniksic@xxxxxxxxxxxxx        |  University of Zagreb, Croatia
------------------------------------------------------------------
`VI' - An editor used by those heretics that don't subscribe to
       the Emacs religion.




Messages sorted by: Reverse Date, Date, Thread, Author