Bird
0
0

Why is execFile considered safer than exec when running external programs?

hard📝 Conceptual Q10 of 15
Node.js - Child Processes
Why is execFile considered safer than exec when running external programs?
AexecFile runs code inside the Node.js process
BexecFile automatically sanitizes all input arguments
CexecFile runs the executable directly without a shell, avoiding shell injection risks
DexecFile limits the execution time of the program
Step-by-Step Solution
Solution:

  1. Step 1: Compare execFile and exec behavior

    exec runs commands inside a shell, which can interpret special characters and cause injection vulnerabilities.

  2. Step 2: Understand execFile safety

    execFile runs the executable directly without a shell, so it does not interpret shell metacharacters, reducing injection risks.

  3. Final Answer:

    execFile runs the executable directly without a shell, avoiding shell injection risks -> Option C

  4. Quick Check:

    execFile safer due to no shell usage [OK]
Quick Trick: execFile avoids shell, safer from injection [OK]
Common Mistakes:
  • Thinking execFile sanitizes inputs automatically
  • Confusing execFile with running inside Node.js
  • Assuming execFile limits execution time

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More Node.js Quizzes
Child Processes - Handling child process errors - Quiz 13medium Cluster Module - Forking workers per CPU core - Quiz 1easy Debugging and Profiling - Heap snapshot for memory leaks - Quiz 5medium HTTP Module - Why building HTTP servers matters - Quiz 12easy HTTP Module - Response methods and status codes - Quiz 11easy URL and Query String Handling - Building URLs programmatically - Quiz 15hard URL and Query String Handling - URLSearchParams for query strings - Quiz 11easy URL and Query String Handling - Relative vs absolute URL resolution - Quiz 4medium Worker Threads - Worker pool pattern - Quiz 4medium Worker Threads - When to use workers vs cluster - Quiz 15hard