[Ur] Can an Ur/Web server be made to create directories / write to files on the host Linux filesystem?

Sun May 17 23:38:17 EDT 2015

Hello -

I would like to make my Ur server interact in a few basic ways with the
Linux filesystem:

- writing files
- creating directories

In order to ensure security, these kinds of filesystem operations performed
by Ur/Web would of course be tightly restricted to a very small
predetermined set of functions, arguments, and filesystem locations, and
would only be able to be directly invoked from the server-side (never from
the client-side).

Since Ur is specialized to be a webserver, I don't think there are any
existing commands in Ur itself which would allow the server to perform
these interactions with the filesystem, correct?

So I assume this would only doable via the C FFI (foreign function
interface) using C functions such as:

- fputs in stdio.h
- mkdir in sys/stat.h

The parameter and return types for functions operating on strings in C
(such as fgets and fputs) look like:

char *

but I understand that in the ffi.c file, I would use the corresponding
string type defined in urweb/urweb.h, ie:

uw_Basis_string

Is that correct?

I got some ideas from here:

https://github.com/doublec/urweb-persona/blob/master/ffi.c

Thanks for any pointers if I'm doing anything wrong here.

===
===

Below are the 3 files I would plan on using:

// (1) This file is: uw_filesystem.urs

#include <urweb/urweb.h>

int uw_mkdir_rwxog(uw_Basis_string);

int uw_fputs(uw_Basis_string, uw_Basis_string);

===
===

// (2) This file is: uw_filesystem.h

#include <urweb/urweb.h>

int uw_mkdir_rwxog(uw_Basis_string);

int uw_fputs(uw_Basis_string);

===
===

// (3) This file is: uw_filesystem.c

#include <string.h>
#include <sys/stat.h>
#include <stdio.h>
#include "ffi.h"

// create a directory, defaulting to read/write/execute persmissions for
owner and group
// arguments: aPathName
// argument 'mode' (of type bit-field), representing permissions, defaults
to S_IRWXU | S_IRWXG = 0770
// meaning read/write/search/execute permissions by owner and by group
// http://pubs.opengroup.org/onlinepubs/009695399/functions/mkdir.html
// http://pubs.opengroup.org/onlinepubs/9699919799//basedefs/sys_stat.h.html
// https://www.google.com/?gws_rd=ssl#q=c+%22bit+field%22+gcc+int+signed
int uw_mkdir_rwxog(uw_Basis_string aPathName)
{
  int status;
  status = mkdir(aPathName, S_IRWXU | S_IRWXG);
  return (status);
}

// write a string to a file
// arguments: aFileName, aString
// returns: number of characters written, or EOF for error
int uw_fputs(uw_Basis_string aFileName, uw_Basis_string aString)
{
  FILE *fp;
  int status;
  fp = fopen(aFileName, "w");
  status = fputs(aString, fp);
  fclose(fp);
  return (status);
}

////
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.impredicative.com/pipermail/ur/attachments/20150518/b3767b52/attachment.html>