[Melbourne-pm] how to pass a filehandle to an external binary
pjf at perltraining.com.au
Sun Feb 13 05:11:00 PST 2005
David Dick wrote:
> anyone know a more secure way / different secure way of interacting with
> external binaries? or any issues with this approach?

Twiddling the close-on-exec flag and passing the filehandle using the /dev/fd/X
naming convention is the most straightforward method I've seen on systems that
support it. It's the method that I've been recommending in Perl Training
Australia's "Perl Security" course (http://perltraining.com.au/perlsec.html).

You can also use Perl's built-in fileno() to get the filehandle number, and this
also works with temporary anonymous files opened with Perl's

External processes can use files on /dev/fd/X for both reading and writing.
This means you can call something like a system("/usr/bin/vi /dev/fd/X") to
allow a user to view and edit a temporary anonymous file. Just make sure you
rewind the filehandle when they're done if you want to read back the changes.

The downside to the method you've described is it can't be used on systems
without /dev/fd conventions, which includes some Unix-flavoured systems. I know
that OpenSSH with privilege separation uses some deep magic to pass a PTY to an
already opened process, but I haven't checked to see how it does so. That may
also be system dependent. See http://niels.xtdnet.nl/papers/privsep.pdf for

It's unlikely that OpenSSH-style magic is going to help you unless the process
on the other end is ready to perform some magic to receive the filehandle.

Paul Fenwick <pjf at perltraining.com.au> | http://perltraining.com.au/
Director of Training | Ph: +61 3 9354 6001
Perl Training Australia | Fax: +61 3 9354 2681
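
The approach described in the message above, written out as an added example (not code from the original post or from the Perl Security course): an anonymous temporary file is handed to an external program as /dev/fd/N, and the parent rewinds and reads back the result. The helper name run_with_fd and the use of a second perl as the stand-in external binary are assumptions made for the illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Fcntl qw(F_GETFD F_SETFD FD_CLOEXEC SEEK_SET);
use IO::Handle;

# Hypothetical helper: run @cmd with "/dev/fd/N" appended as its last argument,
# where N is an anonymous temporary file holding $initial. Returns the file's
# contents after the command exits.
sub run_with_fd {
    my ($initial, @cmd) = @_;
    -d '/dev/fd' or die "no /dev/fd on this system\n";

    # Anonymous temp file: it has no name on disk for another user to race on.
    open(my $fh, '+>', undef) or die "tempfile: $!";
    print {$fh} $initial or die "write: $!";
    $fh->flush or die "flush: $!";

    # Perl sets close-on-exec on descriptors above $^F (normally 2).
    # Clear it so the child inherits this one descriptor.
    my $flags = fcntl($fh, F_GETFD, 0) or die "F_GETFD: $!";
    fcntl($fh, F_SETFD, $flags & ~FD_CLOEXEC) or die "F_SETFD: $!";

    # List-form system(): no shell, so nothing in @cmd is re-parsed.
    my $rc = system(@cmd, '/dev/fd/' . fileno($fh));

    # Put the flag back so later exec()s do not leak the descriptor.
    fcntl($fh, F_SETFD, $flags | FD_CLOEXEC) or die "F_SETFD: $!";
    die "child failed: status $rc\n" if $rc != 0;

    # Rewind before reading back whatever the child wrote.
    seek($fh, 0, SEEK_SET) or die "seek: $!";
    local $/;    # slurp mode
    my $content = <$fh>;
    close($fh);
    return $content;
}

# Constructed demo: a second perl stands in for the external binary and
# appends one line to the file it was handed.
my $child = 'open(my $o, ">>", $ARGV[0]) or die $!; print {$o} "edited by child\n"';
print run_with_fd("original line\n", $^X, '-e', $child);
```

Restoring FD_CLOEXEC after the call keeps the descriptor inheritable only for the one command that needs it.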