On Jan 14, 2009, at 5:31 PM, Maxwell, Adam R wrote:
There are also some issues with tasks and pipes; NSTask should generally beused in an exception handler, and you need to make sure there are no problems with filling the pipe (and then blocking indefinitely).BDSKShellTask handles all of this, and also disables SIGPIPE, but running anexternal task does have the potential to hang or crash the callingapplication. Yeah, it's the user's fault, but minimizing the risk to datais important.
In spite of my plug for using BDSKShellTask, I should also mention that (last time I looked) it creates a shell script that runs /bin/sh, which I believe makes using NSTask just as insecure as using system(3) or popen(3).
Yes, I'm overly paranoid...I've just been thinking about this lately since my TeX Live Utility program runs scripts as root. Reading http://cwe.mitre.org/top25 also gives food for thought.
smime.p7s
Description: S/MIME cryptographic signature
------------------------------------------------------------------------------ This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword
_______________________________________________ Bibdesk-develop mailing list Bibdesk-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bibdesk-develop
