I am designing a C++ app that, among other things, executes a few scripts every now and then. The app should be efficient and preferably platform independent.
The i
Regarding security concerns, a classical example about (4) is the following scenario: imagine the user is prompted to give some directory name to be backed up into a `std::string dirname`; then you'll compute some backup directory name into a `std::string backup` and do

    system((std::string{"cp -a "} + dirname + " " + backup).c_str())

Now think what happens if a malicious user enters `foo bar; rm -rf $HOME; ls` as the `dirname` and `backup` is `/vol/backup_2015_fev/`. The `system` command would execute

    cp -a foo bar; rm -rf $HOME; ls /vol/backup_2015_fev/

which is not what you expected (all the user's `$HOME` would be deleted!). This is an example of code injection, and when using `system` you should ensure that it never happens (e.g. by sanitizing and/or escaping every user input related string).

Also, the `PATH` might not be what you believe it is (e.g. starting with `/tmp/` and a malicious user having done `ln -s /bin/rm /tmp/cp` before your `system` runs).
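An added example, not part of the original answer: instead of escaping the string handed to `system`, it uses a different mitigation and skips the shell and the `PATH` lookup altogether, passing `cp` an argument vector through `posix_spawn` with an absolute path. It is POSIX-only; the helper names (`run_no_shell`, `backup_dir`, `hostile_name_is_just_a_name`) and the `/bin/cp` location are assumptions.

```cpp
// Added example, not from the original answer. POSIX only.
#include <spawn.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <unistd.h>
#include <cstdio>
#include <cstdlib>
#include <string>
#include <vector>

extern char **environ;

// Start an absolute-path program with argv passed verbatim: no shell, no PATH lookup.
// Returns the exit status, or -1 if it could not be started or was killed by a signal.
int run_no_shell(const std::string& prog, const std::vector<std::string>& args) {
    if (prog.empty() || prog[0] != '/') return -1;   // refuse names PATH would resolve
    std::vector<char*> argv{const_cast<char*>(prog.c_str())};
    for (const auto& a : args) argv.push_back(const_cast<char*>(a.c_str()));
    argv.push_back(nullptr);
    pid_t pid;
    if (posix_spawn(&pid, prog.c_str(), nullptr, nullptr, argv.data(), environ) != 0) return -1;
    int status = 0;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

// "--" ends option parsing, so a dirname beginning with '-' is not read as a cp flag.
int backup_dir(const std::string& dirname, const std::string& backup) {
    return run_no_shell("/bin/cp", {"-a", "--", dirname, backup});  // assumed cp location
}

static bool exists(const std::string& p) { struct stat s; return stat(p.c_str(), &s) == 0; }

// Constructed scenario in a fresh temp dir (left behind): the source directory's name
// contains "; touch INJECTED". True when it is copied as a name and no marker file appears.
bool hostile_name_is_just_a_name() {
    char tmpl[] = "/tmp/nosh_XXXXXX";
    if (!mkdtemp(tmpl) || chdir(tmpl) != 0) return false;
    const std::string src = "foo bar; touch INJECTED; ls", dst = "backup";
    if (mkdir(src.c_str(), 0700) != 0) return false;
    int rc = backup_dir(src, dst);
    return rc == 0 && exists(dst) && !exists("INJECTED");
}

int main() {
    std::printf("hostile name treated as data: %s\n", hostile_name_is_just_a_name() ? "yes" : "no");
}
```

Because no shell ever sees the string, `;`, spaces and `$HOME` inside `dirname` stay part of one file name, and a planted `/tmp/cp` is never consulted.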