[DGD] Bad plumbing leaks silver lining

Shentino shentino at gmail.com
Thu Aug 3 20:17:01 CEST 2006


Ok, I tried to be oh so clever and thought it might be a nice secure
way to have communications with an external process...

By using a named pipe.

My plan was to spawn a subshell in my DGD bootscript that would read
from the pipe and execute shell commands.  The fifo would be in
~System/extern/fifo/sh.  Klib restrictions would forbid anyone from
tampering with the shell's input and injecting a trojan, and plain old
Unix style file permissions would protect the pipe from trojans
outside the mudlib.

Alas, DGD thinks it has to seek to zero on a file, and chokes because
seeking on a pipe returns -ESPIPE (or something like that...confirmed
with strace).  What's really weird is that it worked...ONCE.

All was not lost, as the fifo was still OPENED, which had the nice
side effect of signalling the process at the other end of the pipe,
and even though DGD failed to actually write anything, the "open for
write mode" was enough to unblock the other process, a waiting
subshell, so that it could do its post-init stuff (like spawning
utility daemons).  So while I couldn't use the fifo to transfer data,
it still worked nicely as a semaphore.

Just thought I'd post this, in case anyone finds a use for it.  It
seems particularly clever.

Obviously, this will only work on systems that support POSIX compliant
named pipes, aka fifos.



More information about the DGD mailing list