cradle: Run child processes with ease

This page summarizes the projects mentioned and recommended in the original post on /r/rust
Rust

InfluxDB
Our great sponsors
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • WorkOS - The modern identity platform for B2B SaaS
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • cradle

    Rust library for running child processes (by soenkehahn)

    • I opened a PR for narrowing the argument type to `Split` down here: https://github.com/soenkehahn/cradle/pull/191

  • xshell

    • This is an API vulnerable to shell injection. I think it’s relatively important to design command-running libraries which don’t re-introduce the possibility of this error into Rust. The fix here is to ensure that the string is a compile-time string, and, preferably, even lex it at compile time. See xshell for an example of ergonomic and safe API here: https://github.com/matklad/xshell.

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo

  • cradle-of-tar

    • Yeah, the cradle doesn't use shell, which is great, and which clauses the worst vector for the attacks. However, if the user uses % with format!, and the attacker controls the argument, the attacker can inject arbitrary extra arguments into the command line. Depending on the command, this might allow for remote code execution. See the following repo for an example: https://github.com/matklad/cradle-of-tar

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts