From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00
	autolearn=unavailable autolearn_force=no version=3.4.4
Path: 
 eternal-september.org!reader01.eternal-september.org!reader02.eternal-september.org!news.eternal-september.org!news.eternal-september.org!news.eternal-september.org!feeder.eternal-september.org!news.swapon.de!newsfeed.fsmpi.rwth-aachen.de!reality.xs3.de!news.jacob-sparre.dk!loke.jacob-sparre.dk!pnx.dk!.POSTED!not-for-mail
From: "Randy Brukardt" <randy@rrsoftware.com>
Newsgroups: comp.lang.ada
Subject: Re: Web Development Using Ada?
Date: Tue, 6 Aug 2013 14:06:37 -0500
Organization: Jacob Sparre Andersen Research & Innovation
Message-ID: <ktrhg0$6v5$1@loke.gir.dk>
References: 
 <874bf843-8212-44a4-b0c6-e20d831325bc@googlegroups.com><kt119m$hln$2@dont-email.me>
 <kt21mn$osm$1@loke.gir.dk><op.w0w1zhgxule2fv@cardamome>
 <ktputc$fih$1@loke.gir.dk> <7x38qnbeas.fsf@ruckus.brouhaha.com>
NNTP-Posting-Host: static-69-95-181-76.mad.choiceone.net
X-Trace: loke.gir.dk 1375816000 7141 69.95.181.76 (6 Aug 2013 19:06:40 GMT)
X-Complaints-To: news@jacob-sparre.dk
NNTP-Posting-Date: Tue, 6 Aug 2013 19:06:40 +0000 (UTC)
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2900.5931
X-RFC2646: Format=Flowed; Original
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.6157
Xref: news.eternal-september.org comp.lang.ada:16688
Date: 2013-08-06T14:06:37-05:00
List-Id: <comp.lang.ada>

"Paul Rubin" <no.email@nospam.invalid> wrote in message 
news:7x38qnbeas.fsf@ruckus.brouhaha.com...
> "Randy Brukardt" <randy@rrsoftware.com> writes:
>>>What's "shell out" in this context? A server or anything responding to a
>>>request, has no reasons to have any connexions to the shell.
>
> It's done all the time in real servers, maybe unwisely.

Right. Most servers that I've seen use many plugins of various sorts; many 
of those are just programs executed by a shell-out.

My e-mail filter used shell-outs to invoke an anti-virus scanner (it 
wouldn't make sense to write one of those in Ada), and the current version 
of the web server does it to run CVS calls. (I wasn't happy about adding 
that to the server, but there didn't seem to be a decent alternative. At 
least those calls are not general shell-outs, they only can execute the CVS 
program. But the shell-out code is linked in somewhere to support that, 
increasing the attack surface.)

                                  Randy.