
Feature Execute External Program via API

Status
Not open for further replies.

Tuetchen

Diesmon Dominator
is awesome!
Contributor
Insider
Currently the Scripting Engine can be quite restricting.
Instead of adding everything to the engine it would be nice to have the option to execute external applications via the engine and maybe be able to do something with its output.
This would allow us to bypass these missing features in an easier way.

Of course it could be a security problem but still the user would need to give the script the permissions to execute something first like in other "problematic" libs
 

Tuetchen

Well we allow networking stuff which can be way more insecure than running a program the user has to install first.. so yeah..
 

irgendwr

no longer active, "retired" staff member
is awesome!
V.I.P.
is uber awesome!
Contributor
Insider
a program the user has to install first
"just running a program" is basically running a command (as they are just programs)

Which of the following are you comfortable with:
(potentially) giving remote access to a shell of your server
or running a script that has to be manually approved and can make http calls with rate limits? :D
so yeah..
 

Tuetchen

1. It's way more than just http calls^^
2. To be honest - with neither if I don't know the script, and that's why we currently need to manually give a script permissions first to use the 'net' class
 

irgendwr

It's way more than just http calls^^
then provide more examples
that's why we currently need to manually give a script permissions first to use the 'net' class
yup, so that's mostly safe then

Btw: the API is not the same as the scripting engine. If you mean the engine it makes a bit more sense, otherwise it's really like giving people access to a shell on your server over HTTP.

But even if you would have to manually allow this feature (like the net class) I would still fear command injections (e.g. if a parameter is not escaped correctly), privilege escalations and so on.

Edit: + in the last post you admitted that you wouldn't be comfortable with this yourself! :D
And just to be safe: I don't have anything against you, I just like to argue about this xD
 

Tuetchen

the api is not the same as the scripting engine, if you mean the engine it makes a bit more sense

Eh yeah, scripting engine. To be honest I didn't even know there is an HTTP API, just saw that, sry.

yup, so that's mostly safe then xD

I'm not saying that this is totally safe either, but that's the current state the net class is accessible.
 

irgendwr

I'm not saying that this is totally safe either, but that's the current state the net class is implemented.
Yeah I know, that was my honest opinion. I think the way the net class is implemented is pretty safe.
 

Tuetchen

Yeah sure, still the user should not blindly give every script the permissions to those classes.

I mean we have a permission system: why not use it? It's still the user's decision if he wants to use it at his own risk or not. And well ... it's JavaScript - if it's a problematic permission the user can still check the source code and decide afterwards if he wants to give the script the specific permission.
 

irgendwr

It's still the user's decision if he wants to use it at his own risk or not. And well ... it's JavaScript - if it's a problematic permission the user can still check the source code and decide afterwards if he wants to give the script the specific permission.
Yes, but something like unsafe escaping could easily be overlooked.
And some people even run the bot as root!

Ok I think that's enough posts for me today, good night xD
 
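The command-injection concern raised in this thread (a parameter that is not escaped correctly, behind a permission the user has to grant), as an added example that is not from the posts and not SinusBot code: Node.js code comparing a shell-string call with a grant-checked call that passes arguments as an array. The names `grants`, `runViaShell`, `runGranted` and `demo-script` are hypothetical, and it assumes a Unix host with `echo` and `/bin/sh`.

```javascript
// Added example: none of these names are SinusBot APIs (all hypothetical).
const { execSync, execFileSync } = require('child_process');

// Hypothetical per-script grants, set by the bot owner the same way a
// script has to be approved before it may use the 'net' class.
const grants = { 'demo-script': { exec: ['echo'] } };

// Unsafe: the parameter is pasted into a command line, so /bin/sh
// interprets any shell metacharacters it contains.
function runViaShell(program, param) {
  return execSync(program + ' ' + param, { encoding: 'utf8', timeout: 2000 });
}

// Safer: check the grant, accept only an allowlisted program name, and
// hand the arguments to the program as an array with no shell in between.
function runGranted(scriptId, program, args) {
  const allowed = (grants[scriptId] || {}).exec || [];
  if (!allowed.includes(program)) {
    throw new Error('script "' + scriptId + '" has no exec grant for ' + program);
  }
  const ok = Array.isArray(args) &&
    args.every((a) => typeof a === 'string' && !a.includes('\0'));
  if (!ok) throw new Error('arguments must be an array of strings');
  return execFileSync(program, args, {
    encoding: 'utf8',
    shell: false,            // never route through a shell
    timeout: 2000,           // stop a hanging program
    maxBuffer: 64 * 1024,    // cap the output handed back to the script
  });
}

// Constructed sample input: a value a script might receive from a chat user.
const param = 'song.mp3; echo INJECTED';

function demo() {
  return {
    shell: runViaShell('echo', param),                    // second command runs
    granted: runGranted('demo-script', 'echo', [param]),  // printed literally
  };
}

console.log(demo());
```

Skipping the shell only removes shell parsing of the parameter; an allowlisted program still runs with the bot's own privileges, which is the concern about running the bot as root.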