Mailinglist Archive: opensuse-de (4938 mails)

< Previous Next >
Re: Aerger mit SBit
  • From: haller@xxxxxxxxxxxxxx (Martin Haller)
  • Date: Tue May 23 14:16:11 2000
  • Message-id: <392A92AB.EFAB79FB@xxxxxxxxxxxxxx>



Hi Stefan,

Lies mal `man 3 system':

Do not use system() from a program with suid or sgid priv­
ileges, because strange values for some environment vari­
ables might be used to subvert system integrity. Use the
exec(3) family of functions instead, but not execlp(3) or
---> execvp(3). system() will not, in fact, work properly from
programs with suid or sgid privileges on systems on which
/bin/sh is bash version 2, since bash 2 drops privileges
on startup. (Debian uses a modified bash which does not
do this when invoked as sh.)

Ciao,
Stefan

Danke! Da war der Haken!

Tschüss Martin

---------------------------------------------------------------------
To unsubscribe, e-mail: suse-linux-unsubscribe@xxxxxxxx
For additional commands, e-mail: suse-linux-help@xxxxxxxx

< Previous Next >
References