my website’s backend is made with bash, it calls make for every request and it probably has hundreds of remote arbitrary code execution bugs that will get me pwned someday, it’s great
edit: to clarify, it uses a rust program i made to expose the bash scripts as http endpoints, i’m not crazy enough to implement http in bash
it behaves like a static file server, but if a file has the others-execute permission bit set it executes the file instead of reading it
it’s surprisingly nice for prototyping since you can just write a cli program and it’s automatically available over http too
For my own sanity, I choose to believe you’re lying
who hurt you?
These wounds appear to be self-inflicted.
i thought it was neat how php lets you write your website’s logic with the same directory tree pattern that clients consume it from, but i didn’t want to learn php so i made my own, worse version
That’s a pretty reasonable reaction to the proposition of learning PHP.
I pity the hacker who ends up in your system
You live like this?
I’ve taken some precautions, it’s running in a container as an unprivileged user and the only writable mount is the directory where make writes rendered pages, but i probably should move it into a vm if i want to be completely safe lol
Wait, you’re serious?
Maybe I’ll finally move it into a VM so I can send a link to it here without tempting people :P
I designed a chip architecture that runs bash code on silicon.
I reimplemented x86 assembly in purely bash script.
Seek help.
Set -e, please for the love of god, set -e
you do realize that you can just use Apache instead of writing your own rust program for this, as this is more or less the CGI standard?
I know about the CGI standard, but mine does things a little differently (executable files don’t just render pages but also handle logging, access control, etc. when put in special positions within a directory), so I still think it was worth the afternoon i spent making it.
Yeah, especially if you did this for practice.
Just saying that Apache, for big projects, is more battle-hardened. ;-)
Oh yeah definitely, Apache is way better for anything remotely serious.
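The dispatch rule from the original post (serve a file, unless its others-execute bit is set, then run it), as an added example that is not the poster's code: it shows the decision together with the path-containment check such a server needs before it trusts the mode bit. The names `Action` and `classify` and the sample tree are assumptions made for this sketch.

```rust
use std::{fs, io};
use std::os::unix::fs::PermissionsExt;
use std::path::{Path, PathBuf};

// Hypothetical names: what the server should do with one request path.
#[derive(Debug, PartialEq)]
pub enum Action {
    Execute(PathBuf), // others-execute bit set: run the file
    Serve(PathBuf),   // plain file: return its bytes
    Reject,           // escapes the root, missing, or not a regular file
}

/// Decide how to handle `request` relative to the document root `root`.
pub fn classify(root: &Path, request: &str) -> io::Result<Action> {
    let root = root.canonicalize()?;
    // Strip leading '/' first: joining an absolute path would replace `root`.
    let candidate = root.join(request.trim_start_matches('/'));
    // canonicalize() resolves "..", "." and symlinks to the real target.
    let resolved = match candidate.canonicalize() {
        Ok(p) => p,
        Err(_) => return Ok(Action::Reject), // missing target
    };
    // Containment is checked on the resolved path, not the request string.
    if !resolved.starts_with(&root) {
        return Ok(Action::Reject);
    }
    let meta = fs::metadata(&resolved)?;
    if !meta.is_file() {
        return Ok(Action::Reject);
    }
    // 0o001 is the others-execute permission bit described in the post.
    if meta.permissions().mode() & 0o001 != 0 {
        Ok(Action::Execute(resolved))
    } else {
        Ok(Action::Serve(resolved))
    }
}

fn main() -> io::Result<()> {
    // Constructed sample tree under the system temp directory.
    let root = std::env::temp_dir().join("exec_bit_demo");
    fs::create_dir_all(&root)?;
    fs::write(root.join("page.html"), "<p>hi</p>")?;
    fs::write(root.join("api.sh"), "#!/bin/sh\necho hi\n")?;
    fs::set_permissions(root.join("api.sh"), fs::Permissions::from_mode(0o755))?;
    for req in ["/page.html", "/api.sh", "/../../etc/passwd"] {
        println!("{} -> {:?}", req, classify(&root, req)?);
    }
    Ok(())
}
```

The check and the later read or exec are separate steps, so the caller should act on the resolved path returned here rather than resolving the request string a second time.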