ESAPI-C 1.0
The OWASP Enterprise Security API for C

executor.c File Reference

A Command Shell Executor module implementation.

#include <string.h>
#include "executor.h"
#include "log.h"


Defines

#define EXTRA_COMMANDS   7

Functions

int is_canonical (char *path)
 Determine whether the given path is canonicalized on this platform, using a POSIX method.
int is_allowed (char *path)
 Determine whether the given path is allowed by the configured security policy.
char * esapi_execute (char *executable, char **params, int paramcount, char *workdir, codec *c, bool logParams)
 The reference implementation sets the work directory, escapes the parameters as per the Codec in use, and then executes the command without using concatenation.

Detailed Description

A Command Shell Executor module implementation.

Since:
January 30, 2011

Definition in file executor.c.


Function Documentation

char* esapi_execute (char *executable, char **params, int paramcount, char *workdir, codec c, bool logParams)

The reference implementation sets the work directory, escapes the parameters as per the Codec in use, and then executes the command without using concatenation.

Spawns a new process to execute the given command.

The exact, absolute, canonical path of each executable must be listed as an approved executable in the ESAPI properties. The executable must also exist on disk. All failures will be logged, along with the parameters if specified. Set logParams to false if you are going to invoke this interface with confidential information.

Definition at line 50 of file executor.c.

References esapi_log_warn(), is_allowed(), and is_canonical().
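The following is an added example, not the ESAPI-C source: a POSIX sketch of the sequence described above (canonical-path check, approved-list check, work directory, execution from an argument array with no concatenation). The names is_canonical_path, is_allowed_path and run_allowed are hypothetical, the use of realpath(3) for the canonical check is an assumption, and Codec escaping and logging are left out.

```c
#define _XOPEN_SOURCE 700
#include <limits.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper: 1 if path is absolute and equals its realpath(3) form. */
int is_canonical_path(const char *path)
{
    char resolved[PATH_MAX];
    if (path == NULL || path[0] != '/' || realpath(path, resolved) == NULL)
        return 0;                       /* relative, missing, or unresolvable */
    return strcmp(path, resolved) == 0; /* no symlinks, "." or ".." left */
}

/* Hypothetical helper: exact string match against an approved list. */
int is_allowed_path(const char *const *allow, size_t n, const char *path)
{
    for (size_t i = 0; i < n; i++)
        if (strcmp(allow[i], path) == 0)
            return 1;
    return 0;
}

/* Returns the child's exit status, or -1 if the checks or the spawn fail.
 * argv goes to execv() as an array: no shell parses it, metacharacters stay literal. */
int run_allowed(const char *const *allow, size_t n, const char *exe,
                char *const argv[], const char *workdir)
{
    int status;
    pid_t pid;

    if (!is_canonical_path(exe) || !is_allowed_path(allow, n, exe))
        return -1;                      /* reject before any process is created */
    pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {                     /* child: set work directory, then exec */
        if (chdir(workdir) != 0)
            _exit(127);
        execv(exe, argv);               /* execv, not execvp: no PATH search */
        _exit(127);                     /* only reached if execv failed */
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}
```

The path check and the execv() call are separate lookups, so the approved executables and their parent directories must not be writable by untrusted users.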
