[Zope] Launching external apps to process uploads to LocalFS, possible?

Terry Hancock hancock@anansispaceworks.com
Thu, 8 May 2003 13:55:13 -0700


On Thursday 08 May 2003 11:57 am, Chris Beaumont wrote:
> I guess what I am asking is if Zope's Python can
> be told to launch apps on the hosting machine. But
> that seems like it would be a major security hole, so
> I understand if it's not possible..

Other people have answered you, but I'd like to re-express
it for you:

1) Python script (restricted)
    2) calls -->  External method OR Product method
                   (unrestricted)
        3)               calls -->  system calls

#1 you already know how to do this, I think
#2 Zope book or online resources "external method" docs
#3 Python docs:
    http://www.python.org/doc/2.1.3/lib/allos.html

With these various python system calls you can do 
essentially anything you can imagine with calling
external programs, and they will be called directly
by your site code on demand.

Points to consider, though:

1) You are now dependent on your choice of OS

2) You are now vulnerable to DoS-style attacks which
take advantage of your interface to trigger unreasonably
difficult tasks or consume excessive resources -- you have
to think about this in your design.  They can't run 
"anything" on your system, but the programs you've opened
up may have enough faults to be troublesome.

3) Don't do something like allowing the user to give you a
string and then pass it to os.system()!!!  Don't even pass
part of a string this way.

Cheers,
Terry

--
Terry Hancock ( hancock at anansispaceworks.com )
Anansi Spaceworks  http://www.anansispaceworks.com
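The External Method layer from the three-step chain above, written so that points 2 and 3 are handled: the upload name is validated, the program receives it as one argv entry with no shell involved, and the run is time-limited. This is an added example, not code from the original post or from Zope; the `file` tool, the upload directory and all function names are assumptions, and it uses the modern `subprocess` module rather than the 2.1-era `os` calls linked above.

```python
# Added example: a safe "External Method" that runs an external program
# on an uploaded file. Tool name, directory and function names are assumed.
import os
import re
import subprocess

UPLOAD_DIR = "/var/zope/uploads"  # assumed location of LocalFS uploads

# Plain file names only: must start with a letter, digit, '_' or '-', so
# ".", ".." and hidden files are rejected; '/' and shell metacharacters
# are never allowed at all.
_SAFE_NAME = re.compile(r"^[A-Za-z0-9_-][A-Za-z0-9._-]{0,63}$")


def is_safe_name(user_name):
    """True only for a bare file name that cannot leave UPLOAD_DIR."""
    return bool(_SAFE_NAME.match(user_name))


def safe_path(user_name):
    """Map a validated upload name to its path, rejecting anything else."""
    if not is_safe_name(user_name):
        raise ValueError("invalid upload name")
    path = os.path.join(UPLOAD_DIR, user_name)
    # Defence in depth: the joined path must still sit directly in UPLOAD_DIR.
    if os.path.dirname(path) != UPLOAD_DIR:
        raise ValueError("path escapes upload directory")
    return path


def build_command(user_name):
    """Argument list, never a command string (the os.system() mistake in
    point 3). The name is one argv element whatever it contains, and '--'
    stops the tool from reading a leading '-' as an option."""
    return ["file", "--", safe_path(user_name)]


def identify_upload(user_name, timeout=5):
    """Run the tool with a bounded run time (point 2) and return its output."""
    proc = subprocess.run(build_command(user_name), capture_output=True,
                          text=True, timeout=timeout, check=False)
    return proc.stdout
```

`identify_upload` would be the function registered as the External Method; the restricted Python Script then calls it with only the upload's name, never with a command line.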