[Bro-Dev] open a pipe?

Vern Paxson vern at icir.org
Tue Mar 27 08:35:45 PDT 2012

> yeah, I'm sure there are nicer interfaces, though I'm not sure we can
> really avoid the injection problem

Right.  My point is how *easy* it is.  The issue with building piping
into open() is the script writer might not even remember that the feature
is there.  Thus, if they construct a filename from untrusted input,
it could wind up starting with '|', which was never anticipated.  At least
with something like popen() it's clear up-front "whoa this is running
a command".

> but with pipes we may want more: keep
> writing into it, and keep reading out. That would work better with a
> file-like object ones prints to, and any output turning into events.

I see.  Yeah, for that, what you sketch makes more sense.


More information about the bro-dev mailing list