From 51765347c867850bcc3c92e20869f6a530d8d0a2 Mon Sep 17 00:00:00 2001 From: aaron <> Date: Fri, 6 Oct 2000 04:17:51 +0000 Subject: Add a CAVEATS section to warn programmers that shell meta-characters will be passed to the command interpreter. --- src/lib/libc/stdlib/system.3 | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'src/lib') diff --git a/src/lib/libc/stdlib/system.3 b/src/lib/libc/stdlib/system.3 index 2db413934e..83c6de80e3 100644 --- a/src/lib/libc/stdlib/system.3 +++ b/src/lib/libc/stdlib/system.3 @@ -33,7 +33,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $OpenBSD: system.3,v 1.7 2000/04/20 13:50:03 aaron Exp $ +.\" $OpenBSD: system.3,v 1.8 2000/10/06 04:17:51 aaron Exp $ .\" .Dd June 29, 1991 .Dt SYSTEM 3 @@ -93,3 +93,11 @@ function conforms to .St -ansiC and .St -p1003.2-92 . +.Sh CAVEATS +Never supply the +.Fn system +function with a command containing any part of an unsanitized user-supplied +string. +Shell meta-characters present will be honored by the +.Xr sh 1 +command interpreter. -- cgit v1.2.3-55-g6feb
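Review bot: In the new .Sh CAVEATS paragraph, the warning says what to avoid ("a command containing any part of an unsanitized user-supplied string") but names no alternative and does not say what "sanitized" means for sh(1). A reader could take it as advice to write an ad hoc meta-character filter. Consider adding one sentence that points to the shell-free route, fork(2) followed by one of the exec(3) functions with the user data passed as its own argument, with .Xr references to those pages. The closing sentence "Shell meta-characters present will be honored" would also read more clearly as "Any shell meta-characters present in the string will be honored".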