
[Monotone-devel] popen replacement


From: William Uther
Subject: [Monotone-devel] popen replacement
Date: Sun, 18 Feb 2007 20:44:04 +1100

Hi all,

A while ago I came across the fact that popen was disabled in the Lua hooks in monotone for security reasons. Here is a patch that replaces it with a security-conscious version (like spawn() replaces execute()). The 'security consciousness' is simply accepting the command as an array of arguments rather than a single string to be parsed by the shell.

Returning a FILE* from C functions in Lua is tricky (there is a Lua FAQ on just this). This wasn't working for a while, then it was, and I don't understand what changed. If someone wants to look at that, I wouldn't mind. It would be good if people could test it on a bunch of different systems too...

I've only implemented this on Unix. I have no Windows knowledge or ability to test.

I'm assuming that attaching a patch to an email to the list is the correct way to submit this. Let me know if there is something else I should do.

Attachment: spawn_pipe.patch
Description: Binary data


BTW, I'm using this on MacOS X to store my password securely in the system keychain. In particular, I have this in my monotonerc:

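function get_passphrase(keypair_id)
        -- the command and its argument are passed as separate values, not as one shell string
        -- locals keep the passphrase out of the hook's global table
        local procfin, procfout, pid = spawn_pipe("getPassword", "monotoneKey")
        procfin:close()                       -- nothing to send to the child's stdin
        local pass, errstr = procfout:read()  -- read one line: the password
        procfout:close()
        if (pid ~= -1) then wait(pid) end     -- reap the child process
        return pass
end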

Where getPassword is the following shell script:

/usr/bin/security find-generic-password -ga "$1" 2>&1 > /dev/null | /sw/bin/sed -r -e 's/password: \"(.*)\"/\1/'

You set the password by launching "Keychain Access" from the Utilities folder and clicking on the little + at the bottom of the window. The Account Name is "monotoneKey", and the password is the password. :)

Cheers,

Will         :-}
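
The difference the message describes between a command string parsed by the shell and an array of arguments, shown as an added C example that is not part of the original message or of the attached patch. run_argv and run_shell are hypothetical helpers, and the input containing "; echo INJECTED" is constructed.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Read what the child wrote (up to outlen-1 bytes), then drain to EOF. */
static void slurp(FILE *fp, char *out, size_t outlen) {
    size_t n = fread(out, 1, outlen - 1, fp);
    out[n] = '\0';
    while (fgetc(fp) != EOF) { }
}

/* Hypothetical helper (not monotone's spawn_pipe): argv reaches execvp()
 * unparsed, so no shell sees it. Returns the exit status, or -1. */
int run_argv(char *const argv[], char *out, size_t outlen) {
    int fds[2], status;
    if (pipe(fds) == -1) return -1;
    pid_t pid = fork();
    if (pid == -1) { close(fds[0]); close(fds[1]); return -1; }
    if (pid == 0) {                       /* child: stdout -> pipe */
        close(fds[0]); dup2(fds[1], STDOUT_FILENO); close(fds[1]);
        execvp(argv[0], argv);
        _exit(127);                       /* only reached if exec failed */
    }
    close(fds[1]);
    FILE *fp = fdopen(fds[0], "r");
    if (fp) { slurp(fp, out, outlen); fclose(fp); }
    else { out[0] = '\0'; close(fds[0]); }
    if (waitpid(pid, &status, 0) == -1) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

/* The popen() form: the whole string is handed to /bin/sh for parsing. */
int run_shell(const char *cmd, char *out, size_t outlen) {
    FILE *fp = popen(cmd, "r");
    if (!fp) return -1;
    slurp(fp, out, outlen);
    int status = pclose(fp);
    return (status != -1 && WIFEXITED(status)) ? WEXITSTATUS(status) : -1;
}

int main(void) {
    char a[64] = "", b[64] = "";
    char *const argv[] = { "echo", "x; echo INJECTED", NULL }; /* constructed input */
    run_argv(argv, a, sizeof a);          /* one literal argument */
    run_shell("echo x; echo INJECTED", b, sizeof b); /* shell splits at ';' */
    printf("argv: %sshell: %ssame: %d\n", a, b, strcmp(a, b) == 0);
}
```

With the argument array the semicolon is ordinary data in a single argument; with the shell string it ends the first command and starts a second.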

