Re: Bash as a static lib in my application

From: Eli Schwartz
Subject: Re: Bash as a static lib in my application
Date: Thu, 18 Jun 2020 09:49:58 -0400
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.9.0

On 6/18/20 6:52 AM, Praneeth Tss wrote:
> Hi,
>      Need some advice on my approach. So, my motive was to develop an
> application which has a console on a web page and execute shell commands
> from the browser. I have sorted out all the communication between the
> browser and the user machine.
> These are the approaches I have taken once my C++ application receives the
> command from the browser:
> i) Use forkpty and fork a child process of bash of an existing terminal
> instance and pipe in commands and take out the stdout.
> ii) Build a static library out of bash and use it in my application.
> Execute the command and get the output from the bash lib's code.
> I don't want to go with the first approach due to security reasons. So, I
> need some advice if the second approach is feasible or if there are any
> issues that I can get into with the second approach. Any help would be
> appreciated.

You're allowing users to run arbitrary shell commands. Why is doing that
using a fork+exec more of a security concern than allowing the arbitrary
shell commands in the first place?

Eli Schwartz
Arch Linux Bug Wrangler and Trusted User
