svn commit: r285864 - head/lib/libc/stdlib
Xin LI
delphij at FreeBSD.org
Sat Jul 25 00:21:30 UTC 2015
Author: delphij
Date: Sat Jul 25 00:21:29 2015
New Revision: 285864
URL: https://svnweb.freebsd.org/changeset/base/285864
Log:
Document the fact that system(3) can easily be misused because shell meta
characters are honored. While I'm there also mention posix_spawn in the
SEE ALSO section.
MFC after: 2 weeks
Modified:
head/lib/libc/stdlib/system.3
Modified: head/lib/libc/stdlib/system.3
==============================================================================
--- head/lib/libc/stdlib/system.3 Sat Jul 25 00:14:02 2015 (r285863)
+++ head/lib/libc/stdlib/system.3 Sat Jul 25 00:21:29 2015 (r285864)
@@ -32,7 +32,7 @@
.\" @(#)system.3 8.1 (Berkeley) 6/4/93
.\" $FreeBSD$
.\"
-.Dd June 4, 1993
+.Dd July 25, 2015
.Dt SYSTEM 3
.Os
.Sh NAME
@@ -87,7 +87,8 @@ failed.
.Xr execve 2 ,
.Xr fork 2 ,
.Xr waitpid 2 ,
-.Xr popen 3
+.Xr popen 3 ,
+.Xr posix_spawn 3
.Sh STANDARDS
The
.Fn system
@@ -97,3 +98,14 @@ conforms to
and is expected to be
.St -p1003.2
compatible.
+.Sh SECURITY CONSIDERATIONS
+The
+.Fn system
+function is easily misused in a manner that enables a malicious
+user to run arbitrary command,
+because all meta-characters supported by
+.Xr sh 1
+would be honored.
+User supplied parameters should always be carefully santized
+before they appear in
+.Fa string.
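Review bot: the new SECURITY CONSIDERATIONS text carries a spelling error and an mdoc punctuation problem: "santized" should be "sanitized", "arbitrary command" should read "arbitrary commands", and the closing `.Fa string.` should be `.Fa string .` so that mdoc treats the period as trailing punctuation instead of rendering it as part of the argument name; "would be honored" reads better as "are honored". Since SEE ALSO now points at posix_spawn(3) and already lists execve(2), consider also stating here that passing an explicit argument vector to either of those avoids sh(1) entirely, which is a stronger mitigation than sanitizing the string.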
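Added example, not part of this FreeBSD commit or of libc: C code contrasting the string that system(3) would hand to sh(1) with the same user-supplied token passed as a single literal argv element through posix_spawn(3), together with a strict allowlist check of the kind the new section asks for. The functions param_is_safe, run_argv and demo_literal_argv and the sample input are constructed here; the code assumes a POSIX system with /bin/echo.

```c
#include <ctype.h>
#include <spawn.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>

extern char **environ;

/*
 * Allowlist check for a user-supplied parameter that is destined for a
 * command line. Accepts only [A-Za-z0-9._-], rejects the empty string and
 * rejects a leading '-' so the value cannot be mistaken for an option.
 * Returns 1 if the parameter is acceptable, 0 otherwise.
 */
int param_is_safe(const char *param)
{
    if (param == NULL || *param == '\0' || *param == '-')
        return 0;
    for (const char *p = param; *p != '\0'; p++) {
        unsigned char c = (unsigned char)*p;
        if (!(isalnum(c) || c == '_' || c == '.' || c == '-'))
            return 0;
    }
    return 1;
}

/*
 * Run an explicit argument vector with posix_spawn(3). No shell is involved,
 * so every element of argv reaches the program literally.
 * Returns the child's exit status, or -1 if it could not be spawned or did
 * not exit normally.
 */
int run_argv(char *const argv[])
{
    pid_t pid;
    int status;

    if (posix_spawn(&pid, argv[0], NULL, NULL, argv, environ) != 0)
        return -1;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

/* Constructed sample input: a filename-looking token followed by shell syntax. */
static const char *const hostile_input = "report.txt; echo INJECTED";

/*
 * Hand the hostile token to /bin/echo as one argv element. echo prints it
 * verbatim and exits 0; the "; echo INJECTED" part is never interpreted.
 */
int demo_literal_argv(void)
{
    char *argv[] = { "/bin/echo", (char *)hostile_input, NULL };
    return run_argv(argv);
}

int main(void)
{
    char cmd[128];
    int rc;

    /* What system(3) would pass to "sh -c": two commands, not one filename. */
    snprintf(cmd, sizeof cmd, "ls -l %s", hostile_input);
    printf("string system(3) would hand to sh(1): %s\n", cmd);
    printf("param_is_safe(\"%s\") = %d\n", hostile_input,
           param_is_safe(hostile_input));
    printf("param_is_safe(\"report_2015.txt\") = %d\n",
           param_is_safe("report_2015.txt"));

    fflush(stdout);            /* keep our output ordered before the child's */
    rc = demo_literal_argv();
    printf("posix_spawn child exit status = %d\n", rc);
    return rc == 0 ? 0 : 1;
}
```

The check is an allowlist rather than a blocklist of known metacharacters, because sh(1) quoting rules are easy to enumerate incompletely; and even with the check in place, building an argv and spawning the program directly removes the shell from the picture, which is the mitigation the SEE ALSO additions point at.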