Answer the question
In order to leave comments, you need to log in
V
V
Vyacheslav Pukhanov2013-12-04 13:07:10
Vyacheslav Pukhanov, 2013-12-04 13:07:10
GCC: blocking system() calls?
Hello.
There was a need to prohibit the compilation of programs that call system (). Can this be done with compiler options or config changes? Or just parse the source before compiling, look for calls there?
Thank you.
3 answer(s)
@vpukhanov
@IlyaEvseev
N
nekipelov, 2013-12-04 @vpukhanov
Why do you need it? Easiest way: -Dsystem or remove system from stdlib.h. Of course this is easy to do. But the parsing option is just as easy to manage (you can implement your own system or call the function by dynamically encoding the name in "\x73\x79\x73\x74\x65\x6d". The only guaranteed way is to organize a sandbox.
I
Ilya Evseev, 2013-12-05 @IlyaEvseev
System calls /bin/sh.
You can rename it to sh2, and make sh a wrapper that will check where it is called from.
If the parent is in PATH, call sh2.
Otherwise write to syslog and exit.
But this is a crutch, and it is not a fact that all other programs will like it.
Similar questions
B
bubbleboom2015-08-01 21:20:16
Where can I find a repository for Centos 7 with fresh GCC (5.2)?
3Reply
M
U
I
S
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question