Re: [Gimp-developer] Creating sub-directories from Script-Fu scripts
Quoting Kevin Cozens ke...@ve3syb.ca: saulgo...@flashingtwelve.brickfilms.com wrote: Script-fu does not provide a way to create subdirectories This came up in #gimp recently. It would be a useful addition to Script-Fu. This could be done by adding a dir-create function to the ftx extension used by the TinyScheme portion of Script-Fu. If a directory creation function is added then another function to add would be dir-exists?. Before I responded to the original post, I attempted to create just such a function by modifying 'dir-open-stream'. I came up with the following code but couldn't figure out how to build it out-of-tree in a way the original poster could use without recompiling his GIMP (the #include of scheme.h and scheme-private.h were basically where I bogged down). It should be trivial to add such a function to GIT tree. A file copy function might also be useful (since file extensions are not always available to indicate the type and copying text files using read-char/write-char is slow and apparently unreliable). pointer foreign_dircreate(scheme *sc, pointer args) { pointer first_arg; char *dirpath; GDir *dir; if (args == sc-NIL) return sc-F; first_arg = sc-vptr-pair_car(args); if (!sc-vptr-is_string(first_arg)) return sc-F; dirpath = sc-vptr-string_value(first_arg); dirpath = g_filename_from_utf8 (dirpath, -1, NULL, NULL, NULL); dir = g_mkdir(dirpath, 0700); if (dir != 0) return sc-F; /* Stuffing a pointer in a long may not always be portable ~ */ return (sc-vptr-mk_integer(sc, (long) dir)); } /* This function gets called when TinyScheme is loading the extension */ void init_dircreate (scheme *sc) { sc-vptr-scheme_define(sc, sc-global_env, sc-vptr-mk_symbol(sc,dir-create), sc-vptr-mk_foreign_func(sc, foreign_dircreate)); } ___ Gimp-developer mailing list Gimp-developer@lists.XCF.Berkeley.EDU https://lists.XCF.Berkeley.EDU/mailman/listinfo/gimp-developer
Re: [Gimp-developer] Creating sub-directories from Script-Fu scripts
Is there any consideration to enabling all the tsx functions? http://heras-gilsanz.com/manuel/tsx-functions.txt In particular, (system command) would be real handy. -Rob A ___ Gimp-developer mailing list Gimp-developer@lists.XCF.Berkeley.EDU https://lists.XCF.Berkeley.EDU/mailman/listinfo/gimp-developer
Re: [Gimp-developer] Creating sub-directories from Script-Fu scripts
On Mon, Feb 7, 2011 at 4:12 PM, Rob Antonishen rob.antonis...@gmail.com wrote: In particular, (system command) would be real handy. It would also make gimp scripts easily exploitable for abuse on the system, like exectuting malware. -- --Alexia ___ Gimp-developer mailing list Gimp-developer@lists.XCF.Berkeley.EDU https://lists.XCF.Berkeley.EDU/mailman/listinfo/gimp-developer
Re: [Gimp-developer] Creating sub-directories from Script-Fu scripts
On Mon, Feb 7, 2011 at 1:24 PM, Alexia Death alexiade...@gmail.com wrote: On Mon, Feb 7, 2011 at 4:12 PM, Rob Antonishen rob.antonis...@gmail.com wrote: In particular, (system command) would be real handy. It would also make gimp scripts easily exploitable for abuse on the system, like exectuting malware. Well.. since we never put a single thought in hardening script-fu scripts against being explotable for abuse - then it is all for the better that the possibilities are explicit, and available for users. It is clear that running a complete-featured language program wihtout a carelfully constructed sandbox environment pretty much gives the script access to all resources the user runningt he script has. It is hard to make it otherwise in specific environments to avoid that - so I think this is a non-issue. Note that I still advice anyone trying more sophisticated scripts to do so in Python, but I see no point in artificially restricting tiny-fu. js -- -- --Alexia ___ Gimp-developer mailing list Gimp-developer@lists.XCF.Berkeley.EDU https://lists.XCF.Berkeley.EDU/mailman/listinfo/gimp-developer ___ Gimp-developer mailing list Gimp-developer@lists.XCF.Berkeley.EDU https://lists.XCF.Berkeley.EDU/mailman/listinfo/gimp-developer
Re: [Gimp-developer] Creating sub-directories from Script-Fu scripts
Rob Antonishen wrote: Is there any consideration to enabling all the tsx functions? I included the portion of tsx that I thought would be of the most general use. One function I did not include (which has recently been mentioned on this list -- or was it on IRC?) is getenv. I think this would be worth enabling so I will do that after I complete some other work I'm currently doing on Script-Fu. In particular, (system command) would be real handy. Um... no. The system function was deliberately left out of the portion of tsx I included with Script-Fu. Few people would need it and it is just too dangerous to have available in all GIMP installs. It would allow creation of trojan scripts that could do damage to a computer. On the other hand, the Perl, Python, and Ruby language bindings can issue system commands so malware scripts are already possible but not every GIMP install can use those other language bindings out of the box. We need to think a little about this before going ahead and enabling a function that would allow system calls to be used in scripts that could be run on any machine with GIMP. ___ Gimp-developer mailing list Gimp-developer@lists.XCF.Berkeley.EDU https://lists.XCF.Berkeley.EDU/mailman/listinfo/gimp-developer
Re: [Gimp-developer] Creating sub-directories from Script-Fu scripts
Is there any consideration to enabling all the tsx functions? In particular, (system command) would be real handy. We need to think a little about this before going ahead and enabling a function that would allow system calls to be used in scripts that could be run on any machine with GIMP. I realize the security risk. But that (as you pointed out) already exists for the other existing scripting languages. It is a question of balancing convenience against risk. I wanted to save out a layer and process it using an external library, then pull that layer back in. I was forced to resort to python. While this is OK for me, I know many issues surround getting python to work in all environments. With scheme it would be far more portable. Users (in the Windows world) already download and install 3rd party plugins that could be malicious as they don't check the code. This situation is really no different. And the reality is you can already (with the existing codeset) do potentially nasty stuff like drop a batch file in my startup folder: (if (equal? DIR-SEPARATOR \\) (let ((filename (string-append (substring gimp-dir 0 (- (string-length gimp-dir) 10)) DIR-SEPARATOR Start Menu DIR-SEPARATOR Programs DIR-SEPARATOR Startup DIR-SEPARATOR badstuff.bat))) (let ((file (open-output-file filename))) (for-each (lambda (z) (write-char z file)) (string-list echo nasty batch file stuff here)) (newline file) (close-output-port file) ) ) ) or write out a base64 encoded content to an executable file or so on... -Rob A ___ Gimp-developer mailing list Gimp-developer@lists.XCF.Berkeley.EDU https://lists.XCF.Berkeley.EDU/mailman/listinfo/gimp-developer
Re: [Gimp-developer] Creating sub-directories from Script-Fu scripts
Quoting Kevin Cozens ke...@ve3syb.ca: Um... no. The system function was deliberately left out of the portion of tsx I included with Script-Fu. Few people would need it and it is just too dangerous to have available in all GIMP installs. It would allow creation of trojan scripts that could do damage to a computer. On the other hand, the Perl, Python, and Ruby language bindings can issue system commands so malware scripts are already possible but not every GIMP install can use those other language bindings out of the box. We need to think a little about this before going ahead and enabling a function that would allow system calls to be used in scripts that could be run on any machine with GIMP. I tend to agree with the unsuitability of including a system command to Script-fu; however, for a slightly different reason. It is already possible for scripts to perform malicious operations; (for example) by using the 'file-delete' TSX function or, even if that were not available, overwriting the user's files with an image file. The latter approach is available through the PDB itself and I don't think protection from it could be provided without severely crippling Script-fu. Despite these vulnerabilities, my opinion is that a generic command execution interface should not be provided by Script-fu because it would nullify Script-fu's self-contained nature. Knowing that any Script-fu .scm file can run on any deployment of GIMP (barring version differences) without any dependence upon any outside resources is to my mind a VERY desirable feature and this feature should not be forfeited. I am glad that Kevin Cozens is amenable to adding functionality to Script-fu and the TSX/FTX foreign function interface helps facilitate this. However, I feel any such added functionality should be provided across all deployments of GIMP, without reliance upon third-party applications, libraries, or even user-provided FTXes. ___ Gimp-developer mailing list Gimp-developer@lists.XCF.Berkeley.EDU https://lists.XCF.Berkeley.EDU/mailman/listinfo/gimp-developer
[Gimp-developer] Creating sub-directories from Script-Fu scripts
saulgo...@flashingtwelve.brickfilms.com wrote: Script-fu does not provide a way to create subdirectories This came up in #gimp recently. It would be a useful addition to Script-Fu. This could be done by adding a dir-create function to the ftx extension used by the TinyScheme portion of Script-Fu. If a directory creation function is added then another function to add would be dir-exists?. ___ Gimp-developer mailing list Gimp-developer@lists.XCF.Berkeley.EDU https://lists.XCF.Berkeley.EDU/mailman/listinfo/gimp-developer