[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: xorriso: extracting files to stdout

Hi,

i have now uploaded

  http://www.gnu.org/software/xorriso/xorriso-1.3.7.tar.gz

with -find pseudo tests -use_pattern , -or_use_pattern,

  -use_pattern   "on"|"off"   :  This  pseudo  test  controls  the
      interpretation of wildcards with tests  -name,  -wholename,  and
      -disk_name.  Default  is  "on". If interpretation is disabled by
      "off", then the parameters of -name, -wholename, and  -disk_name
      have  to  match  literally  rather than as search pattern.  This
      test itself does always match.

  -or_use_pattern   "on"|"off"   :    Like    -use_pattern,    but
      automatically  appending  the  test  by -or rather than by -and.
      Further the test itself does never match. So a  subsequent  test
      -or will cause its other operand to be performed.

and with new command -concat (which needs to be enabled by -osirrox on):

  -concat mode [target | lim prog [args [...]] lim] iso_rr_path [***]
      Copy the data content of one or more data files of the ISO image
      into  a  disk  file  object,  into a file descriptor, or start a
      program and copy the data into its standard input.   The  latter
      is subject to the security restrictions for external filters.

      Modes overwrite and append write into the target  which is given
      by the second parameter. This may be the path  to  a  disk  file
      object,  or  "-"  which  means standard output, or a text of the
      form /dev/fd/number, where number is  an  open  file  descriptor
      (e.g.  standard error is /dev/fd/2).  An existing target file is
      not removed before writing begins. If it is  not  able  to  take
      content data, then this command fails.  Mode overwrite truncates
      regular data files to 0 size before writing into them.  Example:
       -concat append /home/me/accumulated_text /my/iso/text --

      Mode  pipe  expects  as  second parameter a delimiter word which
      shall mark the end of  the  program  argument  list.  The  third
      argument  is  the  disk_path  to the program. It must contain at
      least one '/'. $PATH is not applied.  Further parameters  up  to
      the  announced  delimiter  word  are  used as arguments with the
      program start. Example:
       -iso_rr_pattern on \
       -concat pipe + /usr/bin/wc + "/my/iso/files*" --

      The further parameters in all modes are the iso_rr_paths of data
      files.  Their content gets concatenated in the copy.

The mentioned security restrictions are this command:

  -close_filter_list
      Irrevocably ban commands -concat "pipe",  -external_filter,  and
      -unregister_filter,  but  not  -set_filter.  Use this to prevent
      external filtering in general or when all intended  filters  are
      registered   and   -concat  mode  "pipe"  shall  be  disallowed.
      External filters may also be banned totally at compile  time  of
      xorriso.   By  default  they  are  banned  if xorriso runs under
      setuid permission.

and these ./configure options (documented in README):

  xorriso allows to use external processes as file content filters. This is
  a potential security risk which may be avoided by ./configure option
      --disable-external-filters

  By default the filter feature is disabled if effective user id and real
  user id differ. This ban can be lifted by
      --enable-external-filters-setuid

Test reports are welcome.


Have a nice day :)

Thomas
Reply to: