Thread: executing a program help

  1. #16
    and the hat of int overfl Salem's Avatar
    Join Date
    Aug 2001
    Location
    The edge of the known universe
    Posts
    39,660
    Not posting your error messages was one thing.
    Not including the whole path in "" was another.
    If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
    If at first you don't succeed, try writing your phone number on the exam paper.

  2. #17
    Registered User
    Join Date
    Jun 2007
    Posts
    219
    Quote Originally Posted by Desolation
    Edit: You might also want to know that if someone were to replace the console executable (cmd.exe on Windows) with a
    malicious program, calling system() would trigger that malicious program.
    Thus, system() isn't safe.
    Then Windows Would not work Properly

  3. #18
    Registered User
    Join Date
    Sep 2006
    Posts
    835
    > Then Windows Would not work Properly
    But if it's done subtly, you wouldn't know that. And even if you did, once the executable is triggered, the damage might be done before you have a chance to do anything about it.

  4. #19
    Registered User
    Join Date
    Jun 2007
    Posts
    219
    I didnt Understand What you told.

  5. #20
    Frequently Quite Prolix dwks's Avatar
    Join Date
    Apr 2005
    Location
    Canada
    Posts
    8,057
    Say cmd.exe was replaced with a program which formatted your hard drive. Sure, Windows wouldn't work properly. But if you ran cmd.exe, the damage would be done anyway.

    But you wouldn't have to have cmd.exe replaced. If the program you were running was replaced or infected or something, like sample.exe, Windows might work just fine until you ran this program.

    If you supply the complete path to a program, there's a slightly reduced security risk, but not by much, especially on Windows systems. Executing an external program always has some risks.

    [edit] Also, There's No Need To Do This. [/edit]
    dwk

    Seek and ye shall find. quaere et invenies.

    "Simplicity does not precede complexity, but follows it." -- Alan Perlis
    "Testing can only prove the presence of bugs, not their absence." -- Edsger Dijkstra
    "The only real mistake is the one from which we learn nothing." -- John Powell


    Other boards: DaniWeb, TPS
    Unofficial Wiki FAQ: cpwiki.sf.net

    My website: http://dwks.theprogrammingsite.com/
    Projects: codeform, xuni, atlantis, nort, etc.

  6. #21
    Registered User
    Join Date
    Jun 2007
    Posts
    219
    But I dont understand where is the Risk of the Programmer if something bad went on it will affect that users (who was trying to crack that) PC not the Programmers one. As it was w orking fine when it was just factory made. The User is trying to so something Bad So teh User is reliable for that. Where is the Headeche of teh Programmer here ??

  7. #22
    Hurry Slowly vart's Avatar
    Join Date
    Oct 2006
    Location
    Rishon LeZion, Israel
    Posts
    6,788
    Where is the Headeche of teh Programmer here ??
    How many users will want to buy your program after they know that the program puts their computers under some risks?
    How long will you stay at your job after the marketing will fail to sell the product?
    All problems in computer science can be solved by another level of indirection,
    except for the problem of too many layers of indirection.
    – David J. Wheeler

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Replies: 40
    Last Post: 09-01-2006, 12:09 AM
  2. Need help with my program...
    By Noah in forum C Programming
    Replies: 2
    Last Post: 03-11-2006, 07:49 PM
  3. Executing a program
    By trancedeejay in forum C Programming
    Replies: 7
    Last Post: 03-06-2006, 08:55 AM
  4. Problem executing sample program:
    By mrabiu in forum C++ Programming
    Replies: 4
    Last Post: 03-13-2004, 06:44 PM
  5. My program, anyhelp
    By @licomb in forum C Programming
    Replies: 14
    Last Post: 08-14-2001, 10:04 PM