who hurt you?
Comment on Yes
wolo@lemmy.blahaj.zone 11 months ago
my website’s backend is made with bash, it calls make for every request and it probably has hundreds remote arbitrary code execution bugs that will get me pwned someday, it’s great
PupBiru@kbin.social 11 months ago
agent_flounder@lemmy.world 11 months ago
These wounds appear to be self-inflicted.
wolo@lemmy.blahaj.zone 11 months ago
i thought it was neat how php lets you write your website’s logic with the same directory tree pattern that clients consume it from, but i didn’t want to learn php so i made my own, worse version
Fashim@lemmy.world 11 months ago
I pity the hacker who ends up in your system
agilob@programming.dev 11 months ago
You live like this?
wolo@lemmy.blahaj.zone 11 months ago
I’ve taken some precautions, it’s running in a container as an unprivileged user and the only writable mount is the directory where make writes rendered pages, but i probably should move it into a vm if i want to be completely safe lol
sdw@lemmy.ca 11 months ago
Wait, you’re serious?
wolo@lemmy.blahaj.zone 11 months ago
Maybe I’ll finally move it into a VM so I can ssend a link to it here without getting pwned :P
bdonvr@thelemmy.club 11 months ago
I designed a chip architecture that runs bash code on silicon.
I reimplemented x86 assembly in purely bash script.
SpaceNoodle@lemmy.world 11 months ago
Seek help.
Belzebubulubu@mujico.org 11 months ago
lord forgive me for I have sinned.
gandalf_der_12te@feddit.de 11 months ago
you do realize that you can just use Apache instead of writing yournown rudt prigram for this, as this is more or less the CGI standard?
wolo@lemmy.blahaj.zone 11 months ago
I know about the CGI standard, but mine does things a little differently (executable files don’t just render pages but also handle logging, access control, etc. when put in special positions within a directory), so I still think it was worth the afternoon i spent making it.
gandalf_der_12te@feddit.de 11 months ago
Yeah, especially if you did this for practice.
Just saying, that apache, for big projects, is more battle-hardened. ;-)
wolo@lemmy.blahaj.zone 11 months ago
Oh yeah definitely, Apache is way better for anything remotely serious.
camr_on@lemmy.world 11 months ago
For my own sanity, I choose to believe you’re lying