bypass shell - pipe into child pid and receive otput

M

Mirco Wahab

I'm trying to work with a filter prog
under Unix from a Perl script (CGI).

This program (htmldoc, => google) receives
some command line parameters and some input
via stdin - and returns its output via stdout.


What I do is: piping through the shell, like:

{
...
my $htmlpage = '... several KB HTML stuff, comes from above ';
my $prog = '/usr/bin/htmldoc';

return
qx{echo -e '$htmlpage' | $prog --webpage -t pdf -}
}

.... and receive the output directly back to the Perl script.
This works somehow, BUT has tremendous security problems (imho).

How can I bypass the shell, maybe via
forking a child process, like:

<pseudo>
...
my $pid = open( my $pipe, "-|") or die "can't fork $!";
unless( $pid ) { # did we get 0 pid back?
exec $prog, $htmlpage
}
</pseudo>

But this wouldn't give me the output of $prog back.

What did I miss?


Thanks & regards

Mirco
 
X

xhoster

Mirco Wahab said:
I'm trying to work with a filter prog
under Unix from a Perl script (CGI).

This program (htmldoc, => google) receives
some command line parameters and some input
via stdin - and returns its output via stdout.

What I do is: piping through the shell, like:

{
...
my $htmlpage = '... several KB HTML stuff, comes from above ';
my $prog = '/usr/bin/htmldoc';

return
qx{echo -e '$htmlpage' | $prog --webpage -t pdf -}
}

... and receive the output directly back to the Perl script.
This works somehow, BUT has tremendous security problems (imho).

What are those problems, IYHO?
How can I bypass the shell, maybe via
forking a child process, like:

<pseudo>
...
my $pid = open( my $pipe, "-|") or die "can't fork $!";
unless( $pid ) { # did we get 0 pid back?
exec $prog, $htmlpage
}
</pseudo>

But this wouldn't give me the output of $prog back.

Well of course it wouldn't. Perl is a language, not a psuedo-language.
What did I miss?

See above.

Xho
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,905
Latest member
Kristy_Poole

Latest Threads

Top