- From: Bjartur Thorlacius <svartman95@gmail.com>
- Date: Mon, 28 Feb 2011 15:10:50 +0000
On 2/28/11, Harald Alvestrand <harald at alvestrand.no> wrote: > On 02/28/11 15:55, Bjartur Thorlacius wrote: >> On 2/28/11, Harald Alvestrand<harald at alvestrand.no> wrote: >>> On 02/28/11 15:35, Bjartur Thorlacius wrote: >>>> In effect, you want to create pipelines in JS/ES? >>>> >>> I need pipelines that can be manipulated from Javascript, yes. >>> Javascript is not a millisecond-precise language; the running of the >>> pipelines has to happen elsewhere. >>> >> Would POSIX sh suffice for your purposes? >> The simplest solution I can think of is using sh pipes and standardized >> device names. > The idea of letting anyone's Javascript execute posix sh commands on my > mother's laptop fills me with an abject sense of horror..... no, I can't > imagine a security model in which that would be the right answer to the > question. > Run them without privileges and you should be fine. In fact, access to anything but stdin, stdout and stderr could be denied if you open the media a priori. > (not to mention that some of the devices that execute Javascript and > have cameras and microphones attached don't HAVE a posix shell). > Smells of odd priorities to have JavaScript but not sh.
Received on Monday, 28 February 2011 07:10:50 UTC