Re: injection
- Posted by Jim C. Brown Jul 13, 2008
- 722 views
Matt Lewis said...
CChris said...
system( "rm \"file_name\"", 0 )
Not good?
Nope. For instance:
file_name = "\"; rm -rf \"~/*"
Matt
shell argument escaping would take care of this.
Matt Lewis said...
PS Some birds do swim.
Which is why its a perfect choice of question! The ambiguity guarrantees only a human brain will be able to solve it!
At least until thoes T-500s start ramping up production...