[horde] calls to popen()

Vilius Šumskas vilius at lnk.lt
Sat Feb 11 07:16:38 UTC 2012


Saturday, February 11, 2012, 12:57:10 AM, you wrote:

> what is this after update H3 some minutes ago?

> Feb 10 22:52:52 [30092] ALERT - function within blacklist called:
> popen() (attacker '', file
> '/usr/share/horde/lib/Horde/Crypt/pgp.php', line 1696)

> there are existing pear packages and no single need to
> open command execution which nobody will do interested
> in security for foreign software

There  is nothing wrong with popen() calls. If you "security" software
thinks overwise, then it is seriously botched.

Best regards,

More information about the horde mailing list