Programming and posix - April 2002
April 3, 2002
Solution Symposium
Page 60
hp e3000
programming
and posix
miscellaneous - system()
• int system(const char *command);
• passes command to the shell for execution
• all shell metacharacters will be acted upon, so use
EXTREME caution when passing user-supplied data to
system()! Note that popen() has the same issue.
• `hacker command string`
• | hacker command string
• > /some/file/to/destroy