[Bro-Dev] open a pipe?

Vern Paxson vern at icir.org
Mon Mar 26 10:07:21 PDT 2012


> Woo.  We definitely need to think about this a bit more though.  I don't
> really like the perl-ism inherent in writing commands with pipes in the
> "file name".

I agree.  One particular concern I have is that it makes it easier to screw
up and not properly escape/sanitize untrusted input that goes into the
"filename", which in this case instead allows shell command injection :-(.

Also, Robin, from what you sketch I'm not understanding how threading is
going to help.  Are you moving away from the model that script execution
is atomic (other than "when" statements) and serialized?  Wouldn't using
"when" statements of some form better fit here?

		Vern


More information about the bro-dev mailing list