Nicholas Weaver created BIT-1210:
------------------------------------
Summary: Safe "Exec" python subprocess.Popen style
Key: BIT-1210
URL: https://bro-tracker.atlassian.net/browse/BIT-1210
Project: Bro Issue Tracker
Issue Type: New Feature
Components: Bro
Affects Versions: git/master
Reporter: Nicholas Weaver
Priority: Low
The system() and exec::command routines/types take a string which is passed to
the shell for execution. This both has efficiency issues (needlessly invoking
a shell) and security issues if str_shell_escape is forgotten/incorrect.
A better alternative (this would probably require a separate bif for backwards
compatibility) would be in the style of Python's subprocess.Popen, which
instead of taking a string takes a vector of strings, does not invoke a shell
by default, and instead directly fork() and execvp's the new process, with the
first argument being the target executable and the subsequent arguments forming
the rest of the target's argv.
This has a substantial advantage as "Unlike some other popen functions, this
implementation will never call a system shell implicitly. This means that all
characters, including shell metacharacters, can safely be passed to child
processes."
--
This message was sent by Atlassian JIRA
(v6.3-OD-07-013#6327)
_______________________________________________
bro-dev mailing list
[email protected]
http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
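The contrast the issue describes, as an added example that is not part of the original message or of Bro's own code: the same hostile argument handed to a system()-style string that goes through /bin/sh, to the same string with the escaping the caller is supposed to remember, to a Popen-style argv list, and finally to a hand-written fork()/execvp() spawner of the kind the issue proposes. The child program, the argument value and the helper names are all constructed for this example; the child is just the current Python interpreter printing back the argv it received, so the example needs no external binary beyond /bin/sh for the shell variants.

```python
import os
import shlex
import subprocess
import sys

# Child program used by every variant: it reports the argv it was given.
# Constructed for this example; it stands in for whatever Bro would spawn.
CHILD_SCRIPT = "import sys; print(sys.argv[1:])"

# Attacker-controlled argument, constructed for this example. The ';' is the
# shell metacharacter that separates one command from the next.
HOSTILE_ARG = "hello; echo INJECTED"


def run_shell_unescaped(arg):
    """system()-style: one string handed to /bin/sh, caller forgot to escape.

    The shell sees ';' and runs 'echo INJECTED' as a second command.
    """
    cmd = f"{shlex.quote(sys.executable)} -c {shlex.quote(CHILD_SCRIPT)} {arg}"
    out = subprocess.run(cmd, shell=True, capture_output=True, text=True, check=True)
    return out.stdout


def run_shell_escaped(arg):
    """Same string-through-shell design, but the caller remembered to quote.

    Correct here, but only as long as every call site does this every time.
    """
    cmd = (f"{shlex.quote(sys.executable)} -c {shlex.quote(CHILD_SCRIPT)} "
           f"{shlex.quote(arg)}")
    out = subprocess.run(cmd, shell=True, capture_output=True, text=True, check=True)
    return out.stdout


def run_argv(arg):
    """Popen-style: a list of strings, no shell. argv[0] is the program and
    every later element is one argv entry, metacharacters included."""
    argv = [sys.executable, "-c", CHILD_SCRIPT, arg]
    out = subprocess.run(argv, capture_output=True, text=True, check=True)
    return out.stdout


def spawn_argv(argv):
    """What run_argv does, written out as the issue describes it: fork(), then
    execvp() argv[0] with the full argv, with the child's stdout on a pipe.

    Returns (exit_status, stdout_text). No shell is ever involved.
    """
    r, w = os.pipe()
    pid = os.fork()
    if pid == 0:  # child: wire stdout to the pipe and replace ourselves
        os.close(r)
        os.dup2(w, 1)
        os.close(w)
        try:
            os.execvp(argv[0], argv)
        finally:  # only reached if execvp itself failed
            os._exit(127)
    os.close(w)  # parent: read until the child closes its end
    chunks = []
    while True:
        data = os.read(r, 4096)
        if not data:
            break
        chunks.append(data)
    os.close(r)
    _, status = os.waitpid(pid, 0)
    return os.WEXITSTATUS(status), b"".join(chunks).decode()


def run_fork_exec(arg):
    """Convenience wrapper: the same child as run_argv, via spawn_argv."""
    return spawn_argv([sys.executable, "-c", CHILD_SCRIPT, arg])


if __name__ == "__main__":
    print("unescaped string :", repr(run_shell_unescaped(HOSTILE_ARG)))
    print("escaped string   :", repr(run_shell_escaped(HOSTILE_ARG)))
    print("argv list        :", repr(run_argv(HOSTILE_ARG)))
    print("fork + execvp    :", repr(run_fork_exec(HOSTILE_ARG)))
```

The unescaped variant prints `['hello']` followed by `INJECTED`, i.e. the second command ran; the other three all print `['hello; echo INJECTED']` as a single argument. The escaped variant is only safe because of a call the author had to remember; the argv variants are safe by construction, which is the property the issue is asking for.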