• wolo@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    131
    ·
    edit-2
    1 year ago

    my website’s backend is made with bash, it calls make for every request and it probably has hundreds of remote arbitrary code execution bugs that will get me pwned someday, it’s great

    edit: to clarify, it uses a rust program i made to expose the bash scripts as http endpoints, i’m not crazy enough to implement http in bash

    it behaves like a static file server, but if a file has the others-execute permission bit set it executes the file instead of reading it

    it’s surprisingly nice for prototyping since you can just write a cli program and it’s automatically available over http too

      • wolo@lemmy.blahaj.zone
        link
        fedilink
        English
        arrow-up
        12
        ·
        1 year ago

        i thought it was neat how php lets you write your website’s logic with the same directory tree pattern that clients consume it from, but i didn’t want to learn php so i made my own, worse version

      • wolo@lemmy.blahaj.zone
        link
        fedilink
        English
        arrow-up
        10
        ·
        1 year ago

        I’ve taken some precautions, it’s running in a container as an unprivileged user and the only writable mount is the directory where make writes rendered pages, but i probably should move it into a vm if i want to be completely safe lol

    • bdonvr@thelemmy.club
      link
      fedilink
      arrow-up
      47
      ·
      1 year ago

      I designed a chip architecture that runs bash code on silicon.

      I reimplemented x86 assembly in purely bash script.

    • gandalf_der_12te@feddit.de
      link
      fedilink
      arrow-up
      2
      ·
      edit-2
      1 year ago

      you do realize that you can just use Apache instead of writing your own rust program for this, as this is more or less the CGI standard?

      • wolo@lemmy.blahaj.zone
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        I know about the CGI standard, but mine does things a little differently (executable files don’t just render pages but also handle logging, access control, etc. when put in special positions within a directory), so I still think it was worth the afternoon i spent making it.