On Sun, 2010-10-24 at 00:44 -0700, Yushu Yao wrote:
> Any reason you can't use facter the command line?
> E.g. call in python commands.getstatusoutput("facter")Because it's a dirty hack? ;) We've inherited a system where loads of stuff that could be done with shared libraries in various languages (PHP and python mainly) is done using using the appropriate "Shell out to the command line and run this program", that I'm desperately trying to make sure that all our new scripts don't do this. I realise that the vast majority of libraries are actually "wrappers" around this kind of 'shell out' process, however it strikes me (and admittedly I'm incredibly paranoid!) that if you're shelling out to the command line, all it takes is an attacker to send the correct string to the script and they've immediately got access to a lot more on the system. Kind regards, Matt -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
