Re: [Func-list] func command module pipe problem

Wed, 03 Dec 2008 08:09:36 -0800 

Adam Stokes wrote:

Using shell=True is not a good idea as it could allow for problematic 
injections. I think it would be beneficial to use the python way of handling 
pipes



IMHO, Func is already an API that allows doing lots of nice things as 
root so injections are not a huge concern.   If you have access to Func 
you can already install and run whatever code you like -- by design.



However if someone is surfacing Func in the web app, they should not 
surface the shell=True version.



The problem of filtering injections is therefore the problem of the 
owner of the webapp, just as it is with someone writing a SQL-using program.




----- Original Message -----
From: "Silas Sewell" <[EMAIL PROTECTED]>
To: "Michael DeHaan" <[EMAIL PROTECTED]>
Cc: [email protected]
Sent: Monday, November 24, 2008 5:21:14 PM GMT -05:00 US/Canada Eastern
Subject: Re: [Func-list] func command module pipe problem

If you enable shell in the command module you can use pipes. I created a
simple module which does just that.

http://github.com/silas/func-modules/tree/master/command_plus.py

On Mon, Nov 24, 2008 at 2:57 PM, Michael DeHaan <[EMAIL PROTECTED]> wrote:


  

Ozgur Akan wrote:


    

Hi,

I am trying to use func command module

https://fedorahosted.org/func/wiki/CommandModule

When I use pipe in the command it can not run the command.

func myserver.domain.com <http://myserver.domain.com> call command run
"ps -fe | grep root"

How can I override this problem?

thanks,
Ozgur Akan
------------------------------------------------------------------------

_______________________________________________
Func-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/func-list


      

Subprocess does not do shell pipes, though it does /implement/ pipes.

What you want to do is use Func's process module and if neccessary add
modifications to allow you to filter the results, or write an API script
using Func that filters the results.

--Michael


_______________________________________________
Func-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/func-list


    





  


_______________________________________________
Func-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/func-list






















					Reply via email to