I was trying to create an example for FreeBSD 8-STABLE, and found that one cannot rely on (from system) ...
... If there is only one scalar argument, the argument is checked for shell metacharacters, and if there are any, the entire argument is passed to the system's command shell for parsing (this is "/bin/sh -c" on Unix platforms, but varies on other platforms). If there are no shell metacharacters in the argument, it is split into words and passed directly to "execvp", which is more efficient. ...
... as I could not find any trace of a shell for system q[date 2>&1] & ktrace via ...
ktrace -di perl -e 'print system q[date 2>&1]' \ && kdump -d | fgrep /bin/sh
... had to use ...
ktrace -di perl -e 'print system q[date 2>&1 </dev/null]'
... to invoke the shell (/bin/sh). Apparently 2>&1 does not qualify as shell metacharacters (here).
(An actual example has yet to be produced.) date 2
In reply to Re^3: The importance of avoiding the shell
by parv
in thread The importance of avoiding the shell
by jhourcle
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |