I am invoking c/c++ from PHP using shell_exec(Server is httpd).
Is there any way where I can directly execute c/c++ executables from apache?
So the Apache will always execute only 1 executable each time (this file acts as a router). And then this executable will take care of the rest.
Thanks
You can execute it via Apache's CGI (or FastCGI) interface.
I'm not sure I get your question correctly, but if you just want to execute a lot of system commands from your script, then it doesn't really matter who calls them - you still end up having to spawn new processes and pay the price for that. If you don't want to run the commands asynchronously, e.g. if you always need one result to proceed to the next step, then just keep using shell_exec.
Unless I'm misunderstanding and you are actually compiling C++ code from within your PHP script. That'd be something else.
Related
I'm coding a web server for fun and I'm now trying to make it dynamic.
I need to do the part usually PHP would do in regular web development, be inside the page code and be executed server side while the server runs.
Now, I've been thinking, and reading a bit on this. I could separate it and then invoke the compiler to make that code run, but I've also read that's not a good way to go about it, so I'd like to avoid it.
I thought maybe if I compiled a program that would go with the specific page it was meant to and made it change the page based on arguments and return the page in buffers, it could work, but that just seems cumbersome.
One wouldn't want to include the code for every single page on the webserver because it just doesn't scale well.
I don't believe C++ can do a "CALL" as in batch when the program is running, it would though, I believe, be the ideal solution besides including a file mid program which isn't possible.
I would like to know whether or not there's a way of executing a program or non-included code during runtime and if so how.
You could try dlopen, dlsym, dlerror and dlclose. These allow you to, at runtime, load libraries. Your server could use it to load code which should execute inside a page.
Howto, by Aaron Isotton
Documentation on man7.org
I want my program to download some audio file from a link I give it and save it.
I know this can be easily done in the command line using curl (for instance: curl -A "Mozilla" "www.example.com" > hello.mp3
I saw examples where system() was used to run curl (i.e it looked something like system(curl -A "Mozilla" "www.example.com" > hello.mp3) . Even though this is an easy solution it seems bad to me.
Would it be better practice to write an equivalent code using the matching library (libcurl in this case)?
What do you guys think?
P.S - This is a general question in a sense. What I mean by that is that there are many command line programs which can be run by system() to get a fast and easy result. The question is if it's okay to use this method to achieve it.
Yes, it would be better to use libcurl directly. That's what it exists for.
That way, you avoid:
the cost of a system call
the cost of spawning a new process
potential security-related bugs in your system call
Invoking curl from the shell will basically just spawn a new shell and new process for no reason, then go ahead and use libcurl inside that process anyway. Cut out the middle man.
I have a Windows local service that may spawn off a process to execute a JScript script (in a .js file) via the Windows Script Host. The issue is that I need to notify my service of the results generated by the script in the .js file. A transfer or a simple 32-bit integer, or a string would suffice. What would be the way to do this?
PS. The code must run on Windows XP SP3 or later OS.
Your best bet is to create an out of process COM object that executes within your service. Just implement the necessary scripting interfaces and provide a member function to match the notification and call it from your script as such:
newObj = new ActiveXObject("localserver.mynotify");
newObj.Notify("finished");
Would the exit code of the process be enough?
Windows Scripting host has has a .Quit(errorCode) method that allows you to set the exit code.
You should be able to call WSH directly from the service and get the return code with GetProcessExitCode() by passing the process handle that you received after spawning it.
Note that almost everything you can do from a JScript file can also be done with native code.
Do you have to execute the .js file as an external process? Windows Scripting has COM objects that an app can use to run scripts within its own process. I use this to execute script files within my service processes, and it works fine. The hosting process can even implement its own IDispatch-based classes and pass them to the scripting engine to expose to scripts as global objects so the scripts can communicate with the hosting process without having to use new ActiveXObject or CreateObject() to access those objects.
I see your script is written in JScript and your app in C++.
Perhaps the easiest way to accomplish what you want is by writing a file, say, to programdata folder which your service should have access to. Maybe use a GUID for the particular request, pass that to the JScript so it's guaranteed to be a unique file. Not ideal.
Another way to get JScript output ... Can you call out to managed code (C#)? If so, you could use a .NET-based or .NET-callable JavaScript compiler/interpreter. This would allow you to avoid IActiveScript and also to grab the values right out of the script context or from function return. I've used Jurassic and JavaScriptDotNet, both very easy to use and extend.
This might open a problem if you heavily rely on ActiveXObject calls (ie: FileSystemObject) and don't want to write components. JuraScript wraps the Jurassic engine and add ActiveXObject support to it for COM automation.
I am a C++ newb, so I don't know how much of a leap this is for you although I know it's possible to interop between managed/C++.
Just thought I'd mention these scenarios as I didn't see them listed in answers.
Our app is ran from SU or normal user. We have a library we have connected to our project. In that library there is a function we want to call. We have a folder called notRestricted in the directory where we run application from. We have created a new thread. We want to limit access of the thread to file system. What we want to do is simple - call that function but limit its access to write only to that folder (we prefer to let it read from anywhere app can read from).
Update:
So I see that there is no way to disable only one thread from all FS but one folder...
I read your propositions dear SO users and posted some kind of analog to this question here so in there thay gave us a link to sandbox with not a bad api, but I do not really know if it would work on anething but GentOS (but any way such script looks quite intresting in case of using Boost.Process command line to run it and than run desired ex-thread (which migrated to seprate application=)).
There isn't really any way you can prevent a single thread, because its in the same process space as you are, except for hacking methods like function hooking to detect any kind of file system access.
Perhaps you might like to rethink how you're implementing your application - having native untrusted code run as su isn't exactly a good idea. Perhaps use another process and communicate via. RPC, or use a interpreted language that you can check against at run time.
In my opinion, the best strategy would be:
Don't run this code in a different thread, but run it in a different process.
When you create this process (after the fork but before any call to execve), use chroot to change the root of the filesystem.
This will give you some good isolation... However doing so will make your code require root... Don't run the child process as root since root can trivially work around this.
Inject a replacement for open(2) that checks the arguments and returns -EACCES as appropriate.
This doesn't sound like the right thing to do. If you think about it, what you are trying to prevent is a problem well known to the computer games industry. The most common approach to deal with this problem is simply encoding or encrypting the data you don't want others to have access to, in such a way that only you know how to read/understand it.
I'm trying to find an easy way to execute a java vm in windows using a C++ wrapper. I can use CreateProcess() to launch java.exe directly with all of my parameters that I need to give it. The problem is this now shows up as two processes in process manager. So, if I kill the parent process, the java.exe instance still sticks around.
The reason I need to do this is that we have a few java programs, all of which will be running concurrently. I want to be able to give them distinguishable names in the process explorer, so that if a user has trouble with one of them, they don't have to guess which java.exe process that corresponds to.
You can replace java.exe with your own executable. This article from the Java Glossary discusses how java.exe works and where to find the source for it. It's possible that you could get by simply by copying and then renaming java.exe