Re: system() call in suid programs

[max () gac edu (Max Hailperin)]

   Date:        Fri, 14 Jun 1996 12:31:53 -0400
   From: Valdis.Kletnieks () vt edu

   The worst part is that coding the fork/exec *yourself* takes only 5-6 lines
   more, and you can shut down almost all of these attacks.

All though I more-or-less agree, it takes a significant enough amount
of work to shut them all down, and is easy enough to screw up, that
there is no point in not packaging up once and for all the code for
doing this into a library and then using that, rather than over and
over coding those 5-6 lines (or whatever it really is) by hand.

Sure enough, this has been done, namely by Matt Bishop in his msystem
library.  I endorse the approach he took (packaging the code into a
library) more than necessarily endorsing (or speaking against) his
specific implementation -- I haven't done a careful security audit on
it to allow me to do that.  However, the great thing about source code
distribution is that not only can you check his code, but also if you
find a bug in it, you can fix it!  So why not take whatever energy
you'd put into crafting your own N+1st solution to the system(3) and
popen(3) problem and instead devote it to improving msystem (if it
needs it)?

 -Max Hailperin
  Assistant Professor of Computer Science
  Gustavus Adolphus College
  800 W. College Ave.
  St. Peter, MN 56082
  USA