system calls

Anon

Hey guys, I wrote a small program as shown below that is used to linux man pages over the internet. I was looking at the code and realized that there is a big security hole becuase the user could enter in the text box "themanpage ';' system command" which would allow anyone to execute system commands with the apache user permissions. Can anyone tell me how to limit what I will allow in the text box? such as if there is a semi colon then delete it or give them a message like "nice try ;-)"

Thanks,

Ben LeMasurier

Source:

echo "
<head>
<title>PHPMan

    </title>
    </head><body bgcolor=#ffffff>"; // start out the html

$view = man $page | col -b; // change the variable to exec a system command
echo "<pre>$view</pre>";
?>
</body>

Anon

Good notes on:
http://www.php.net/manual/en/function.escapeshellcmd.php

Look into:
http://www.php.net/manual/en/function.escapeshellarg.php

If you have questions, feel free to ask... but this should cover what you need.

Anon

hey thanks alot!

Anon

Just as an additional note (this is mentioned in the doc pages I listed above), you should really use the escapeshellarg() function, since the escapeshellcmd() function is exploitable.