tech-userlevel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: [PATCH] Fix system() behaviour when parameter is NULL

Andy Shevchenko wrote:
On Thu, Aug 28, 2008 at 9:15 PM, mouss <> wrote:
Is using access() a "clean" way? access(2) says:
"access() is a potential security hole and should never be used."
I understand "never" as never ;-p
strtok(), f.e., says the same.
But system() itself is a security hole.


And what are you propose?

"fix" access man page as suggested by Steven?

Home | Main Index | Thread Index | Old Index