
Switch from system() to open2() #7

Merged
2 participants

@RhubarbSin

Use of system() for executing emacsclient can break ikiwiki.cgi, making
the plugin incompatible with web-based editing of wiki pages and other
IkiWiki functions that rely on ikiwiki.cgi.

The issue prompting this change was seen on Apache with suEXEC enabled.

@RhubarbSin RhubarbSin Switch from system() to open2()
f2cfaa4
@chrismgray chrismgray merged commit 79dad93 into chrismgray:master
@chrismgray
Owner

Thank you for tracking this down!

I think it's important to note for posterity that this change doesn't reduce the security risk, it only hides it from Apache.

@RhubarbSin

I'm pleased to contribute; thanks for enabling my addiction to org-mode with this plugin.

Indeed, the security risk is still present, and I'm not perfectly satisfied with what seems like a strange use of open2(), but at least it does what I want. Perhaps someone else will have a more elegant solution.
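
One shell-free way to make the emacsclient call discussed in this thread, as an added example (not code from this pull request or from the plugin). The helper names `elisp_string`, `build_form` and `eval_in_emacs` and the function name `to-html` are hypothetical, and the sketch assumes every extra argument is meant to reach Emacs as a string.

```perl
use strict;
use warnings;
use IPC::Open2;

# Quote a Perl string as an Emacs Lisp string literal: inside "..." only
# backslash and double quote need escaping.
sub elisp_string {
    my ($s) = @_;
    $s =~ s/([\\"])/\\$1/g;
    return qq{"$s"};
}

# Build the form passed to --eval. Assumption: all arguments are strings.
sub build_form {
    my ($func, @args) = @_;
    # Allow only a plain suffix for the ikiwiki-org-* function name.
    $func =~ /\A[a-z][a-z0-9-]*\z/ or die "bad function name\n";
    return sprintf '(ikiwiki-org-%s %s)', $func,
        join ' ', map { elisp_string($_) } @args;
}

# Hypothetical stand-in for the command execution in run_func_in_emacs().
# Returns emacsclient's exit status (0 on success).
sub eval_in_emacs {
    my $form = build_form(@_);

    # Replaces "unset ALTERNATE_EDITOR;" without needing a shell.
    delete local $ENV{ALTERNATE_EDITOR};

    # List form: no /bin/sh, so quotes, ';' and '$' in $form are plain data.
    my $pid = open2(my $from_child, my $to_child,
        'emacsclient', '-s', 'org-ikiwiki-compiler', '--eval', $form);
    close $to_child;            # child sees EOF on stdin
    1 while <$from_child>;      # drain output so the child cannot block
    close $from_child;
    waitpid $pid, 0;
    return $? >> 8;
}

# Constructed input: the quote and shell metacharacters stay inside one
# elisp string instead of ending the argument.
print build_form('to-html', '/tmp/in.org', '/tmp/out.html', q{x"; $(id) '}), "\n";
```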

Commits on Aug 16, 2012
  1. @RhubarbSin

    Switch from system() to open2()

    RhubarbSin committed
Showing with 7 additions and 3 deletions.
  1. +7 −3 perl/new_org.pm
10 perl/new_org.pm 100644 → 100755
@@ -5,6 +5,7 @@ use warnings;
use strict;
use IkiWiki 3.00;
use File::Temp qw/ tempfile unlink0 /;
+use IPC::Open2;
my $org_file_regexp = qr/\.org$/;
@@ -21,8 +22,9 @@ sub run_func_in_emacs($$;$) {
# WARNING: possible security hole
$args =~ s/'/'\\''/g;
my $argstring = qq/unset ALTERNATE_EDITOR; emacsclient -s org-ikiwiki-compiler --eval '(ikiwiki-org-$func "$tn1" "$tn2" $args)'/;
- system($argstring);
+ my $pid = open2(*IN, *OUT, $argstring);
# Wait for emacs to finish
+ waitpid($pid, 0);
my @ret = <$tf2>;
unlink0($tf1, $tn1);
unlink0($tf2, $tn2);
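Review bot: The `open2(*IN, *OUT, $argstring)` call still hands one interpolated string to the shell, so the `# WARNING: possible security hole` comment above it applies exactly as before: `$func`, `$tn1`, `$tn2` and `$args` end up inside shell text, and only single quotes in `$args` are escaped. Passing the program and its arguments to open2() as a list, and deleting ALTERNATE_EDITOR from %ENV in Perl instead of using `unset`, would take the shell out of the path. Separately, `waitpid($pid, 0)` runs while both pipes are still open and unread; close the handle to the child's stdin and drain the handle from its stdout first, otherwise a child that waits on stdin or writes more than a pipe buffer of output will hang the CGI request.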
@@ -30,9 +32,11 @@ sub run_func_in_emacs($$;$) {
}
sub import {
- system("unset ALTERNATE_EDITOR; emacsclient -s org-ikiwiki-compiler --eval nil");
+ my $pid = open2(*IN, *OUT, "unset ALTERNATE_EDITOR; emacsclient -s org-ikiwiki-compiler --eval nil");
+ waitpid($pid, 0);
if ($? != 0) {
- system("emacs --daemon --eval \"(progn (require 'ikiwiki-org-plugin) (setq server-name \\\"org-ikiwiki-compiler\\\") (server-start))\"");
+ $pid = open2(*IN, *OUT, "emacs --daemon --eval \"(progn (require 'ikiwiki-org-plugin) (setq server-name \\\"org-ikiwiki-compiler\\\") (server-start))\"");
+ waitpid($pid, 0);
if ($? != 0) {
print STDERR "Failed to start emacs. Will not continue with new_org setup.\n";
return;
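Review bot: In `import`, the two `if ($? != 0)` checks only cover a child that ran and exited non-zero; open2() raises an exception on failure rather than returning, so each call should be wrapped in `eval` and an exception treated like a failed start, so that the `Failed to start emacs` path is reached instead of an uncaught die inside ikiwiki. The bareword handles `*IN` and `*OUT` are also package globals shared with run_func_in_emacs and are never closed here; lexical handles that are closed before each `waitpid($pid, 0)` would keep pipes from lingering between calls.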