[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: LYNX-DEV Alleged Lynx security emergency
From: |
T.E.Dickey |
Subject: |
Re: LYNX-DEV Alleged Lynx security emergency |
Date: |
Wed, 2 Jul 1997 13:32:59 -0400 (EDT) |
> I assume that what is _really_ being proposed is something like:
>
> execl(COPY_PATH, File, SugFile, (char *)NULL);
right (we'd already decided to get rid of hardcoded paths in the program).
> rather than using /bin/cp, since there should never be a hard coded
> path to a file to exec coded in lynx's code itself.
>
> What function does VMS use in place of exec? What does Windows use?
The VAX C runtime library has a 'system()' function, but it is generally
conceded to be unusable (in the same context where a Unix application
would use system) because the stdout/stderr are redirected to the VAX
equivalent of /dev/null. In this context, I've used lib$spawn.
> Perhaps what is needed is a LYexec function which then has #ifdef's
> for the various environments?
that is, in fact, what is needed.
--
Thomas E. Dickey
address@hidden
http://www.clark.net/pub/dickey
;
; To UNSUBSCRIBE: Send a mail message to address@hidden
; with "unsubscribe lynx-dev" (without the
; quotation marks) on a line by itself.
;