in reply to Re^2: Asynchronous Program Spawning
in thread Asynchronous Program Spawning

Due care must be spent on sanitizing and escaping the arguments if they are not hard coded.

$file_name = 'file name'; system("program $file_name &"); # Oops!

Without due care, the code may not work, or worse, it could be vulnerable to injection attacks.

Re^4: Asynchronous Program Spawning
by BrowserUk (Patriarch) on Feb 12, 2006 at 19:40 UTC

    If you do that as

    system qq[program "$filename" &];

    It won't matter if the filename contains spaces or not. That's a simple programming problem and hardly worthy of description as "security issue".

    As for "injection attacks", I assume that you mean if the source of all or part of the command supplied to the system command is an untrusted external source, then care must be taken. I fail to see how the start command is any more or less of a security risk to invoking an untrusted command directly?

    If you get data from untrusted sources, don't you have to be just as careful invoking that data as a command directly as you do invoking it indirectly via a command shell?


    Examine what is said, not who speaks -- Silence betokens consent -- Love the truth but pardon error.
    Lingua non convalesco, consenesco et abolesco. -- Rule 1 has a caveat! -- Who broke the cabal?
    "Science is about questioning the status quo. Questioning authority".
    In the absence of evidence, opinion is indistinguishable from prejudice.

      I didn't say it was impossible. I didn't say it was hard. I was just giving a warning. And apparently it was warranted, since your code suffers from the very bug I mentioned. It will fail when the file name contains a double-quote.

      If you get data from untrusted sources, don't you have to be just as careful invoking that data as a command directly as you do invoking it indirectly via a command shell?

      You have one less thing to protect yourself against. By using system PROGRAM, LIST, you don't have to worry about special characters.
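The three spawning styles argued over in this thread (the unquoted interpolation in the first post, the double-quoted form, and system PROGRAM, LIST) side by side, as an added example that is not code from any of the posters. It assumes a Unix-like system where a single-string system() with metacharacters goes through /bin/sh; the "program" is a constructed helper script that just prints each element of its @ARGV in brackets, so the argument list each child actually receives is visible. The file names containing quotes and semicolons are constructed inputs chosen to trigger the failure modes under discussion.

```perl
#!/usr/bin/perl
# Added example: three ways of spawning "program" with a file name argument,
# showing what the child really receives in each case.
use strict;
use warnings;
use File::Temp qw(tempfile);
use POSIX ();

# Stand-in for "program" (constructed for this example): a helper script that
# prints every element of its @ARGV in brackets, one per line.
my ($fh, $argv_prog) = tempfile(SUFFIX => '.pl', UNLINK => 1);
print $fh 'print "[$_]\n" for @ARGV;';
close $fh;
my $program = qq["$^X" "$argv_prog"];    # shell-quoted for the string cases

# Case 1: the thread's "# Oops!" line. The '&' forces the command through
# /bin/sh, and the shell splits the unquoted name in two: [file] [name].
my $file_name = 'file name';
system("$program $file_name &");

# Case 2: double-quoting the name fixes spaces, but a name containing a
# double quote breaks out of the quoting. This constructed name makes the
# shell see:  "" ; echo INJECTED ; echo "" &   and it runs the echo, i.e.
# with an attacker-controlled name this is command injection, not a typo.
my $filename = '"; echo INJECTED; echo "';
system(qq[$program "$filename" &]);

# Case 3: system/exec PROGRAM, LIST. No shell is involved, so every byte of
# the name arrives as a single argument, quotes and semicolons included.
# A literal '&' in the LIST would be just another argument, not a request
# to background the job, so asynchrony comes from fork + exec instead.
sub spawn_async {
    my @cmd = @_;
    my $pid = fork();
    die "fork failed: $!" unless defined $pid;
    if ($pid == 0) {
        # The indirect-object form exec { PROGRAM } LIST never consults the
        # shell, even when LIST has only one element (a bare one-element
        # exec/system string would still be scanned for metacharacters).
        exec { $cmd[0] } @cmd or POSIX::_exit(127);
    }
    return $pid;    # parent: reap with waitpid when convenient
}

my @pids;
for my $name ('file name', '"; echo INJECTED; echo "', 'semi;colon', 'back`tick') {
    push @pids, spawn_async($^X, $argv_prog, $name);
}
waitpid($_, 0) for @pids;    # each child printed exactly one [..] line

# The shell-backgrounded children from cases 1 and 2 are not ours to reap;
# give them a moment to finish before the temp helper is unlinked on exit.
sleep 1;
```

Case 1 prints two bracketed lines for one file name, case 2 prints an empty argument followed by INJECTED, and only case 3 prints each name intact. The fork + exec helper is the LIST-form equivalent of the trailing `&`: the parent gets the child's pid back immediately and can waitpid() for it later, which is also what lets it reap the child cleanly instead of leaving that to the shell.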
