Hi, I also don't believe that injections are a concern. Also I usually use many pipes which makes it more complicated if I would use shell pipes in python.
thanks,
Ozgur Akan

On Wed, Dec 3, 2008 at 11:09 AM, Michael DeHaan <[EMAIL PROTECTED]> wrote:

> Adam Stokes wrote:
>
>> Using shell=True is not a good idea as it could allow for problematic
>> injections. I think it would be beneficial to use the python way of handling
>> pipes
>
> IMHO, Func is already an API that allows doing lots of nice things as root
> so injections are not a huge concern. If you have access to Func you can
> already install and run whatever code you like -- by design.
>
> However if someone is surfacing Func in the web app, they should not
> surface the shell=True version.
>
> The problem of filtering injections is therefore the problem of the owner
> of the webapp, just as it is with someone writing a SQL-using program.
>
>> ----- Original Message -----
>> From: "Silas Sewell" <[EMAIL PROTECTED]>
>> To: "Michael DeHaan" <[EMAIL PROTECTED]>
>> Cc: [email protected]
>> Sent: Monday, November 24, 2008 5:21:14 PM GMT -05:00 US/Canada Eastern
>> Subject: Re: [Func-list] func command module pipe problem
>>
>> If you enable shell in the command module you can use pipes. I created a
>> simple module which does just that.
>>
>> http://github.com/silas/func-modules/tree/master/command_plus.py
>>
>> On Mon, Nov 24, 2008 at 2:57 PM, Michael DeHaan <[EMAIL PROTECTED]>
>> wrote:
>>
>>> Ozgur Akan wrote:
>>>
>>>> Hi,
>>>>
>>>> I am trying to use func command module
>>>>
>>>> https://fedorahosted.org/func/wiki/CommandModule
>>>>
>>>> When I use pipe in the command it can not run the command.
>>>>
>>>> func myserver.domain.com call command run "ps -fe | grep root"
>>>>
>>>> How can I override this problem?
>>>>
>>>> thanks,
>>>> Ozgur Akan
>>>> ------------------------------------------------------------------------
>>>>
>>>> _______________________________________________
>>>> Func-list mailing list
>>>> [email protected]
>>>> https://www.redhat.com/mailman/listinfo/func-list
>>>
>>> Subprocess does not do shell pipes, though it does /implement/ pipes.
>>>
>>> What you want to do is use Func's process module and if necessary add
>>> modifications to allow you to filter the results, or write an API script
>>> using Func that filters the results.
>>>
>>> --Michael
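Added example, not part of the thread and not Func's own code: the "python way of handling pipes" mentioned above, chaining `subprocess.Popen` stages for `ps -fe | grep root` without `shell=True`. The `run_pipeline` helper and its list-of-argv input format are assumptions made for illustration.

```python
import subprocess


def run_pipeline(stages, timeout=30):
    """Run argv lists as `stage1 | stage2 | ...` without invoking a shell.

    Returns (exit_codes, stdout_text_of_last_stage).
    """
    if not stages or any(not argv for argv in stages):
        raise ValueError("each stage must be a non-empty argv list")
    procs = []
    upstream = subprocess.DEVNULL          # first stage reads nothing
    try:
        for argv in stages:
            # argv is a list, so each element reaches the program verbatim:
            # ';', '|' and '$()' inside an argument are never interpreted.
            proc = subprocess.Popen(argv, stdin=upstream,
                                    stdout=subprocess.PIPE)
            if procs:
                # Drop our copy of the read end so the earlier stage sees
                # SIGPIPE if this stage exits first.
                upstream.close()
            upstream = proc.stdout
            procs.append(proc)
        output, _ = procs[-1].communicate(timeout=timeout)
    except (OSError, subprocess.TimeoutExpired):
        for proc in procs:                 # do not leave stages running
            proc.kill()
            proc.wait()
        raise
    codes = [proc.wait() for proc in procs]
    return codes, output.decode(errors="replace")


if __name__ == "__main__":
    # Equivalent of: ps -fe | grep root
    codes, out = run_pipeline([["ps", "-fe"], ["grep", "root"]])
    print(codes)
    print(out, end="")
```

Because the caller supplies each stage as a separate argv list, a web front end can expose this form without having to filter shell metacharacters out of user input.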
