Aside on a security issue with some example code... I know in this case
it was being done as prototype/experiment, which is perfectly fine, but
since people often learn from code they see on the email list, we should
probably mention...
(system/exit-code (string-append
"gnome-web-photo "
"--mode=thumbnail "
(url->string url)
" --file "
(some-system-path->string
f)
" > /dev/null 2>&1"))
In production-quality code, you will almost never run an external
process like this. With "system/exit-code", there is an extra layer of
Posix shell command line interpretation happening on the string here,
which is really nasty.
Assembling a string like this for the shell to then parse tends (through
accident or intent) to lead to garbled command lines, and misbehavior.
If some unexpected characters wind up in one of the non-static string
values that's concatenated into the command line, you potentially run
arbitrary code. https://xkcd.com/327/
In production code, you'd probably use some variant of Racket
`subprocess` or `system*`, which don't involve the shell like variants
of `system` do. Or have rigorous escaping or checking code, to make
sure that no problematic string value is added to the command line.
Also, in production, you might want to save stderr and possibly stdout
from the process, in case the process fails. That diagnostic
information can then be added added to whatever exception or logging
your Racket program does for the failure.
--
You received this message because you are subscribed to the Google Groups "Racket
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to racket-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
