Beefy Boxes and Bandwidth Generously Provided by pair Networks
"be consistent"
 
PerlMonks  

Re: Is this actually possible?

by chester (Hermit)
on Oct 21, 2005 at 16:19 UTC ( #502061=note: print w/ replies, xml ) Need Help??


in reply to How Would I access a C++ compiler remotely through a Perl CGI Script?

Perhaps look into running an SSH server on your Linux box. That would give you (relatively) safe, remote access to do anything you want (compile programs, write them, whatever).

Generally, data from web forms should not be considered safe. The idea of taking arbitrary code from a web form and compiling it just doesn't sit right with me, for some strange reason.


Comment on Re: Is this actually possible?
Re^2: Is this actually possible?
by Spidy (Chaplain) on Oct 21, 2005 at 16:21 UTC
    That might work, but I need a way to be able to transfer code quickly from here(school) to there(home/linux box). Besides FTP/a form, I'm not completely sure how I'd do that.
      You can use scp. Or run an FTP server on your Linux box. (Better, SFTP.) Or use wget on your Linux box, if you can put the file somewhere your Linux box can see. Or use vim remotely, it displays just fine in a console window. : ) Or even just

      $ cat > filename *paste* ^D
Re^2: Is this actually possible?
by Fletch (Chancellor) on Oct 21, 2005 at 16:24 UTC

    Yeah, it raises the hackles here as well. So long as you didn't run the compiled code you wouldn't necessarily be exposing the compiling machine to anything in the submitted code, but that doesn't mean that the compiler itself couldn't be exploited (e.g. a buffer overrun in gcc). SSH is still the better solution.

      Well, I'm not planning on running the code, just compiling it and storing the errors generated by the compiler. That way I can still get my code bug-free here at school, and then go home and actually run it there.
        If you're still at the level of monkdom where your main source of errors is just things that the compiler can catch for you, I would suggest spending that time on reading programming books instead, or thinking about the design of your programs.

        Then when you get home, you can put some of the things you've read about into practice.

        I recommend

        • Design Patterns
        • Effective C++
        • STL Tutorial and Reference Guide
        • Object-Oriented Design Heuristics
        If you only read one, make it that last one. It's great.
      I've heard of assuming user input is tainted as a good programming practice, but assuming executables on the web server are tainted is a little ridiculous.

      If you're afraid of a bug in gcc, then you'd have to assume that Apache and Perl itself are equally unsafe.

        No, I'm more trusting of those two precisely because they are used often in an unsafe environment and both have been gone over by people looking for problems to that end (and are under scrutiny for such problems going forward). I know of no such efforts being made on gcc since it's not in general use processing arbitrary user input, hence I'm substantially less sure of what it might do for malicious input.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://502061]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others meditating upon the Monastery: (4)
As of 2014-12-27 03:29 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    Is guessing a good strategy for surviving in the IT business?





    Results (176 votes), past polls