Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

But my point is even the safest of coreutils will make dozens of SYSCALLs. The moment you start pipelining commands there will be several writes since that's how pipelining works and if you break even one of those writes the entire pipeline fails and the usefulness of this pipeline preview utility falls flat.

There isn't a way you can make this utility safe and useful.

You can make it safe, but then you're drifting into a whole new field of computing with regards to analysing suspicious binaries. Unfortunately you then don't have reliable, accurate, real time pipeline previews. Or you can have the real time previews but you then have to accept there is some risk involved. But you can't have it both safe and risk free.

This is why murex took the approach of having a safe list of trusted executables. It doesn't remove the risk but it at least reduces the risk to a subset of commands that are typically read only. However even that is far from a perfect solution.



Thinking about it more, the kind of guarantees you want are the kind given by a VM for running untrusted binaries. The only difference is that you don't mind read-access to the host system.

Yes, there will be certain things that involve system-calls or network activity that your previewer will not accurately show. But those cases fall far outside the goal of "live preview of text output of data processing pipelines".


No they don’t. Believe it or not a lot of people make network API calls from the command line.

I know this because I’m one of them. I’ve even published guides I’m on how to make said API calls and parse them all as one command pipeline.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: