http://jonisalonen.com/2012/runtime-exec-with-unix-console-programs/
Nice tip. Java's Runtime.exec() method can be useful to invoke external tools from your code.
I once had the idea for, and created, a utility that had a Java servlet (with an HTML form as front-end) calling a UNIX (HP-UX) C setuid program that enabled developers in my team to stop and restart Informix database servers without knowing the DB server admin password. UNIX C setuid programs are quite useful for giving less privileged OS users restricted / controlled access to privileged operation, as in my example.
Writing C setuid programs involves many potential security issues, though. Mine was deployed in a corporate environment behind firewalls, so had relatively less risks. If you're writing a setuid program for public Internet use, make sure to do a lot of research about the issues and how to mitigate them.
- Vasudev Ram
www.dancingbison.com
No comments:
Post a Comment