[Wellington-pm] pass-through pipe?
Grant McLean
grant at mclean.net.nz
Sun Jul 18 15:13:23 PDT 2010
On Sun, 2010-07-18 at 18:13 +1200, Richard Hector wrote:
> On Sun, 2010-07-18 at 17:06 +1200, Lenz Gschwendtner wrote:
> > you mean something other than one process prints to STDOUT and the other one reading from STDIN ...
> >
> > not sure i get your question right but if you need something other than the normal stuff then you might be after a FIFO buffer? shared memory? what is the use case? probably that helps :-)
>
> The use case is encrypting postgresql backups:
>
> system "pg_dump --cluster $cluster --dbname $dbname ... | gpg
> --options ... --encrypt";
>
> Currently I'm doing that in one 'system' line as described, but that
> fires up a shell, which shouldn't be necessary?
I guess strictly speaking, the shell is not necessary and yes you could
implement it using Perl's builtin pipe, fork, exec and wait. But
frankly why bother?
It's going to be a lot of work. It's not going to be faster and it's
only more secure if you don't trust the variables $cluster and $dbname.
As long as you sanitise the values for those variables using a regex of
sensible allowable characters then you'll be safe and moving on to the
next job.
Of course the security of invoking the shell could also be influenced by
the contents of the invoking user's .bashrc et al but if you can't trust
those you're screwed anyway :-)
Cheers
Grant
More information about the Wellington-pm
mailing list