Difference between revisions of "Exec system call"
From Teknologisk videncenter
m (→Simple use) |
m |
||
| Line 16: | Line 16: | ||
int main() | int main() | ||
{ | { | ||
| − | execlp("ls", "ls", "-l", "/etc", NULL); | + | execlp("ls", "ls", "-l", "/etc", NULL); // See security note below!!! |
return 1; | return 1; | ||
} | } | ||
</source> | </source> | ||
| − | + | ==Security== | |
| + | As '''execlp()''' searches through $PATH to find the executable file - it is possible to put an executable with the same name earlier in $PATH and run a bogus and evil program. Use '''execl("/usr/bin/ls", "ls", "-l", "/etc", NULL);''' instead if possible. | ||
| + | |||
[[Category:Linux]][[Category:C]] | [[Category:Linux]][[Category:C]] | ||
Revision as of 09:06, 17 December 2022
The exec() family executes a file as a new process. See fork system call for "cloning" a process.
The
Simple use
The execlp() is one of the function call in the exec family. See manpage
The five arguments in the execlp() below is:
- ls - the executable file must be in $PATH
- ls - argv[0] as seen from the executable file
- -l - argv[1] as seen from the executable file
- /etc - argv[2] as seen from the executable file
- NULL - argv[3] as seen from the executable file - end of argument list
#include <stdio.h>
#include <unistd.h>
int main()
{
execlp("ls", "ls", "-l", "/etc", NULL); // See security note below!!!
return 1;
}
Security
As execlp() searches through $PATH to find the executable file - it is possible to put an executable with the same name earlier in $PATH and run a bogus and evil program. Use execl("/usr/bin/ls", "ls", "-l", "/etc", NULL); instead if possible.