[Bro-Dev] open a pipe?
Vern Paxson
vern at icir.org
Tue Mar 27 08:35:45 PDT 2012
> yeah, I'm sure there are nicer interfaces, though I'm not sure we can
> really avoid the injection problem
Right. My point is how *easy* it is. The issue with building piping
into open() is the script writer might not even remember that the feature
is there. Thus, if they construct a filename from untrusted input,
it could wind up starting with '|', which was never anticipated. At least
with something like popen() it's clear up-front "whoa this is running
a command".
> but with pipes we may want more: keep
> writing into it, and keep reading out. That would work better with a
> file-like object one prints to, and any output turning into events.
I see. Yeah, for that, what you sketch makes more sense.
Vern
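
Added example, not part of the original message and not Bro code: a Python model of the two designs discussed above, an open() with piping built in versus a file-only open() with a separate popen(). All function names and sample values are hypothetical, and the functions only return the action they would take; nothing is opened or run.

```python
# Model only: both designs return the action they would take; nothing is opened or run.

def open_implicit_pipe(name):
    """open() with piping built in: a leading '|' switches from file to command."""
    if name.startswith("|"):
        return ("exec", name[1:].strip())
    return ("file", name)

def open_file(name):
    """File-only open(): the name is always data, whatever it starts with."""
    return ("file", name)

def popen(command):
    """Explicit command API: running a command is visible at the call site."""
    return ("exec", command)

def per_user_log(user_field):
    """Script-writer code: a file name built from an untrusted protocol field."""
    return user_field + ".log"

# Constructed sample values for a username field seen on the wire.
SAMPLE_FIELDS = ["alice", "|echo hello #"]

def compare(fields):
    """For each field, report which action each open() design would take."""
    rows = []
    for field in fields:
        name = per_user_log(field)
        rows.append((field, open_implicit_pipe(name)[0], open_file(name)[0]))
    return rows

if __name__ == "__main__":
    for field, implicit, explicit in compare(SAMPLE_FIELDS):
        print(f"{field!r:20} implicit-pipe open: {implicit:5} file-only open: {explicit}")
    print(popen("sort"))
```

The call to per_user_log() looks identical in both designs; only the implicit-pipe open() turns the second field into a command, which is the case the script writer never anticipated.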