PHP is the new C
Posted Oct 12, 2006 13:38 UTC (Thu) by jschrod
In reply to: PHP is the new C
Parent article: Report: Vulnerability type distributions in CVE
That's not a problem; Perl uses execvp as long as there are no shell metacharacters in the string. Check out perldoc -f system, at the end of the first paragraph. And you can force it to sidestep the /bin/sh route by supplying the PROGRAM argument in any case.
to post comments)