lynx-dev
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: LYNX-DEV Alleged Lynx security emergency

From: T.E.Dickey
Subject: Re: LYNX-DEV Alleged Lynx security emergency
Date: Tue, 1 Jul 1997 21:09:47 -0400 (EDT) 
> > Still, I think the right way to fix this problem is:
> > execl("/bin/cp", File, SugFile, 0);   /* Substitute proper variables. */
> > which doesn't start up an sh at any point in time if I'm not mistaken.
> 
> I have not seen this suggestion refuted.  Intuitively it seems like
> the safest coding method.  I did not understand TD's comment on this,
> however.  Is there a portability problem with using execl()?
I don't remember my comment - but in essence I was advising using execl,
etc., yes.

(That doesn't work on VMS, of course - I may have mentioned that).

-- 
Thomas E. Dickey
address@hidden
http://www.clark.net/pub/dickey
;
; To UNSUBSCRIBE:  Send a mail message to address@hidden
;                  with "unsubscribe lynx-dev" (without the
;                  quotation marks) on a line by itself.
;
reply via email to
[Prev in Thread] Current Thread [Next in Thread]