Python, CGI and PGP
Jim Dennis
jimd at vega.starshine.org
Wed Mar 27 07:24:01 EST 2002
In article <3ca0b0f9 at peer1.news.newnet.co.uk>, Phil Edwards wrote:
>Jim Dennis wrote:
...
> Thanks, Jim, this is definitely one for the "little black book". When I see
> things like this, I'm reminded just why I love UNIX so much...
>> If you are reasonably persistent and a little clever you should be able
> Oh, that leaves me out, then :-)
> Managed to figure it all out with the help of the wrapper stuff above. It
> turns out that both 'os.system' and 'commands.getoutput' (which I had
> tried) trash so much of the execution environment that there's hardly
> anything left for the binary to wprk with.
I'd suspect that the web server is probably cleaning most of
the environment out. I wouldn't immediately suspect Python of
doing it (though I haven't looked through its code nor run
an strace on it).
A quick test from an interactive Python session (calling
os.system("bash") and also os.system("sh")) shows that they
have almost the same environment that I have from before
Python was loaded. (The only discrepancies were SHLVL, which
is to be expected, and in the LINES and COLUMNS values, which
appeared in my sub-shells but not in the parent of my Python
process. LINES and COLUMNS are set by bash for curses support
--- but their omission should be innocuous for our purposes here.
The web server, on the other hand, is well advised to execute
CGIs in a "clean room" environment. It probably uses one of the
flavors of exec*() that passes a pointer to a new environment
to the system and thence to the child process. You might be
able to modify your Apache (or other httpd / web server) configuration
to retain more of your environment.
> I'm left with the following code in my CGI app:
> cmd = 'export PGPPATH=/var/www/.pgp; /usr/local/bin/pgp -z windsurf -sta
> -f - '
> print 'content-type: text/html\n\n'
> pw,pr = os.popen2(cmd)
> pw.write(tdata)
> pw.close()
> junk = pr.read()
> print string.replace(junk, '\n', '<br>\n')
> Thanks for your help! It's a shame there isn't a scheme for sending
> beer/pizza vouchers over the 'net...
You could send that to the Samba team in Canberra, Australia.
I learned part of that trick from Tridge (Andre Tridgell, the
creator of Samba). They used to have an account with the local
pizza shop. I suppose you could follow the link on their web
site (http://www.samba.org/ ) to buy mugs or T-shirts.
I've actually been considering creating a Paypal account for
receiving payments from my remote consulting customers. However,
I'd never charge for answers to USENET.
I just consider the effort I put into my answers here to be a small
token of gratitude for the many answers I've received *from* netnews.
Despite all the flamers, trolls, and spam I've found that netnews is
the fastest way for me to learn a new technical subject.
Although I'll read any manuals I can find (I've got about a dozen
Python books at this point) and I'll even take the odd class if I can
find the time (they usually don't fit into my schedule, and they
usually go WAY TOO SLOW) and I go to user group meetings (too often
in a formal presentation style rather than a "workshop" gathering).
Despite all these alternative approaches I find that the USENET
netnews medium affords the most practical way for me to learn.
I do well when posed with lots of diverse questions around a subject
and given the instant gratification of many answers (some wrong!).
The game I play with myself, is that I try to guess the answer to
each puzzle and I try to critique each proposed answer. As I
find that I can guess the "right" answers more often then not, I
move from lurker mode to active participant. That forces me to
actually write and test my examples, which forces me to look up
reference material on specific functions, which helps me gain
practical proficiency.
(I've been studying Python for about six months now).
Anyway, glad I could help.
More information about the Python-list
mailing list