Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #54113
| Path | csiph.com!usenet.pasdenom.info!weretis.net!feeder1.news.weretis.net!feeder4.news.weretis.net!rt.uk.eu.org!newsfeed.xs4all.nl!newsfeed4.news.xs4all.nl!xs4all!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail |
|---|---|
| Return-Path | <rosuav@gmail.com> |
| X-Original-To | python-list@python.org |
| Delivered-To | python-list@mail.python.org |
| X-Spam-Status | OK 0.036 |
| X-Spam-Evidence | '*H*': 0.93; '*S*': 0.00; 'static': 0.04; 'hosts': 0.07; 'suppose': 0.07; 'back-end': 0.09; 'executes': 0.09; 'skip:/ 10': 0.09; 'executed,': 0.16; 'from:addr:rosuav': 0.16; 'from:name:chris angelico': 0.16; 'inclined': 0.16; 'port,': 0.16; 'ssh': 0.16; 'subject:format': 0.16; 'telnet,': 0.16; 'wrote:': 0.18; 'app': 0.19; 'basically': 0.19; 'subject:page': 0.19; 'user.': 0.19; 'command': 0.22; 'shell': 0.22; 'parse': 0.24; 'server.': 0.24; 'login': 0.25; "i've": 0.25; '(for': 0.26; 'header:In-Reply-To:1': 0.27; 'message-id:@mail.gmail.com': 0.30; '13,': 0.31; 'sep': 0.31; 'run': 0.32; 'running': 0.33; '-----': 0.33; 'becomes': 0.33; 'fri,': 0.33; "i'd": 0.34; 'something': 0.35; 'but': 0.35; 'received:google.com': 0.35; 'executing': 0.36; 'ram': 0.36; 'done': 0.36; 'wrong': 0.37; 'remote': 0.38; 'server': 0.38; 'connections': 0.38; 'depends': 0.38; 'to:addr :python-list': 0.38; 'pm,': 0.38; 'rather': 0.38; 'to:addr:python.org': 0.39; 'skip:p 20': 0.39; 'how': 0.40; 'commands': 0.60; 'most': 0.60; "you're": 0.61; 'complete': 0.62; 'protection': 0.63; 'such': 0.63; 'myself': 0.63; 'connecting': 0.64; 'anything.': 0.68; 'commands.': 0.84; 'safe.': 0.84; 'subject:system': 0.84; 'subject:via': 0.84; 'viable': 0.84; 'shell,': 0.91; 'hand,': 0.93; '2013': 0.98 |
| DKIM-Signature | v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=6d9VVCEOwAz73g7GTKVPOlMhGQeouH0EfTL+5ScpZEA=; b=kA8O+UC+Rtj6NnhFDhwoDbrSDl0wyyZGs4j9y3TNagv07Lex7+24Vb73NyMKP1C5NH jk3b+y4hEqDK0EsKBWbIcAQYAo1KcGBcY4n+aiXtjCvYOkYj+J0od9bRuJZk5ImbPlYJ k9PkIJq/QRTP7+jW1pitOJm7GY60ETTsiN7AvR4pyFHLOdutIF1x67mQr5CEFUkzuJX9 4le22bVgu7z6Yin/eJ7ETXZWCYzy4/PqclmU7MWMe0U8+UwUE7T2OJGJpZh/R4U9MgVy cEwfO7v1DupWP6P4xX1Gt8psT1FBHX4KkiH3UpfAPq06jKawQtnyAfeRrodwfqmayKLI kpBw== |
| MIME-Version | 1.0 |
| X-Received | by 10.58.196.132 with SMTP id im4mr985017vec.28.1379076952519; Fri, 13 Sep 2013 05:55:52 -0700 (PDT) |
| In-Reply-To | <348363986.56298340.1379075475818.JavaMail.root@sequans.com> |
| References | <-7222838418607307603@unknownmsgid> <348363986.56298340.1379075475818.JavaMail.root@sequans.com> |
| Date | Fri, 13 Sep 2013 22:55:52 +1000 |
| Subject | Re: Telnet to remote system and format output via web page |
| From | Chris Angelico <rosuav@gmail.com> |
| To | python-list@python.org |
| Content-Type | text/plain; charset=ISO-8859-1 |
| X-BeenThere | python-list@python.org |
| X-Mailman-Version | 2.1.15 |
| Precedence | list |
| List-Id | General discussion list for the Python programming language <python-list.python.org> |
| List-Unsubscribe | <https://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe> |
| List-Archive | <http://mail.python.org/pipermail/python-list/> |
| List-Post | <mailto:python-list@python.org> |
| List-Help | <mailto:python-list-request@python.org?subject=help> |
| List-Subscribe | <https://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe> |
| Newsgroups | comp.lang.python |
| Message-ID | <mailman.354.1379076955.5461.python-list@python.org> (permalink) |
| Lines | 36 |
| NNTP-Posting-Host | 2001:888:2000:d::a6 |
| X-Trace | 1379076955 news.xs4all.nl 15898 [2001:888:2000:d::a6]:38254 |
| X-Complaints-To | abuse@xs4all.nl |
| Xref | csiph.com comp.lang.python:54113 |
Show key headers only | View raw
On Fri, Sep 13, 2013 at 10:31 PM, Jean-Michel Pichavant <jeanmichel@sequans.com> wrote: > ----- Original Message ----- >> I would use something like fabric to automatically login to hosts via >> ssh then parse the data myself to generate static HTML pages in a >> document root. >> >> Having a web app execute remote commands on a server is so wrong in >> many ways. > > Such as ? It depends exactly _how_ it's able to execute remote commands. If it can telnet in as a fairly-privileged user and transmit arbitrary strings to be executed, then any compromise of the web server becomes a complete takedown of the back-end server. You're basically circumventing the protection that most web servers employ, that of running in a highly permissions-restricted user. On the other hand, if the "execute remote commands" part is done by connecting to a shell that executes its own choice of command safely, then you're not forfeiting anything. Suppose you make this the login shell for the user foo@some-computer: #!/bin/sh head -4 /proc/meminfo You can then telnet to that user to find out how much RAM that computer has free. It's telnet, it's executing a command on the remote server... but it's safe. (For something like this, I'd be inclined to run a specific "memory usage daemon" that takes connections on some higher port, rather than having it look like a shell, but this is a viable demo.) I've done things like this before, though using SSH rather than TELNET. ChrisA
Back to comp.lang.python | Previous | Next | Find similar | Unroll thread
Re: Telnet to remote system and format output via web page Chris Angelico <rosuav@gmail.com> - 2013-09-13 22:55 +1000
csiph-web