Why does system() still exist?

Question

I am aware of this question: Why does system() exist? But the accepted answer refers to C89, a 30 year old standard, which won't really help me. As far as I know, system() is a resource intensive security flaw, in addition to not being portable across operating systems. Even if there is a legitimate reason to for the functionality, I don't believe there's anything stopping me from writing system("rm -rf /*"). Generally a 1 liner to delete nearly everything is probably not a great language feature. This article proclaims it to be evil for quite a few reasons.

In the question linked above a comment states that system "is the only portable way to perform system-specific stuff." This doesn't make sense to me, the code I write with system for some Linux distro won't work on a Windows machine. It also seems that "portable system-specific" is an oxymoron. And aren't there APIs to talk to the machine such as windows.h?

So is there a legitimate reason for system to continue existing, are there legacy applications, or has C++ just not got around to axing it?

Answer 1

If you remove system() what security do you gain? You can achieve the same thing with fork() and exec(), which is all that system() does internally.

Any program you're running on your machine you must either trust or sandbox. In a sandboxed environment one of the first things to go is a working system() call, but other things are also disabled as well, necessarily.

Running external programs is an important function that cannot be removed.

Remember that one of the defining principles of C++ is that the language will never presume to be smarter than the programmer and won't prevent the programmer from doing whatever they want, regardless of the consequences.

There's no reason to remove it as you can always implement it with other tools.