tauri-apps
[feat] allow any shell command scope
Describe the problem
It's really very lacking. I can't ask the user to specify the path to the executable, tauri just won't let me do it. Why can't I allow this in the same way as for fs for example.
Describe the solution you'd like
Make similar to fs, something like **
Alternatives considered
I hope I get these alternatives here, I can't bear to invent what's already there.
Additional context
What are the reasons? Why doesn't it still work that way? What workarounds can I use?
This is a security measure. The webview is insecure and allowing arbitrary access to the shell is really dangerous.
Can you elaborate a bit more on your use-case? what app are you trying to access through the shell?
a middle ground could be to add a way to extend the scope on the rust side similar to how it's possible for the fs/asset scopes
This is a security measure. The webview is insecure and allowing arbitrary access to the shell is really dangerous.
Can you elaborate a bit more on your use-case? what app are you trying to access through the shell?
I want to run java. But it requires java and JAVA_HOME in the PATH. I have automated the installation of java, but I can't run it because I have to specify the path to the executable, but the shell api doesn't allow this
a middle ground could be to add a way to extend the scope on the rust side similar to how it's possible for the fs/asset scopes
It would be great if you could help me find a better workaround than rewriting the implementation. I'm not good in rust, this is what I use as a workaround, but it's a very crude solution, it only pipes stdout and can't be killed.
#[tauri::command]
pub fn spawn<R: Runtime>(
app_handle: AppHandle<R>,
binary: String,
args: Vec<String>,
cwd: String,
std: String,
errevent: String,
close: String,
) {
thread::spawn(move || {
let mut child = match Command::new(binary)
.args(args)
.current_dir(cwd)
.stdout(Stdio::piped())
.stderr(Stdio::piped())
.spawn() {
Ok(child) => child,
Err(err) => {
let _ = app_handle.emit_all(&errevent, err.to_string());
return
}
};
let stdout = child.stdout.as_mut().unwrap();
let mut stdout_buf = BufReader::new(stdout);
loop {
let mut out = String::new();
let _ = match stdout_buf.read_line(&mut out) {
Err(err) => app_handle.emit_all(&errevent, err.to_string()),
Ok(bytes) => {
let result = app_handle.emit_all(&std, &out);
if bytes == 0 && out.is_empty() {
break;
}
result
}
};
}
let exit_status = child.wait().expect("failed to wait on child process");
let _ = app_handle.emit_all(&close, exit_status.code().unwrap_or(-1));
});
}
you can just require your users to have Java installed and add it to PATH so you can just add java as the cmd in the scope
I need more than one java environment He can not run in the PATH Because Minecraft 1.17+ uses Java 17 but 1.16- uses Java 11/8 So I need the user to set the Java list and then determine which Java to use by version
Is it possible to set **/java to match all java programs
I came across this issue today, I wanted to create a chess engine gui and the user can select any executable he wants and i want to spawn a process with that, for this case the user himself is responsible to provide a secure executable.
Can I expect this to be allowed soon?
I think this can be implemented via a plugin.
I would also like this. I would like to allow my users to enter an arbitrary command to execute. In essence I'm basically wanting to build a better terminal... kind of. The important part is that the commands are being explicitly entered by the user, and executed on their behalf.
The bit I don't get about this restriction is that it doesn't actually prevent Tauri programs from executing arbitrary code. I can still do it with a rust command. What it means is that anyone who wants to do it has to implement it themselves, and probably do a worse job - which is presumably a worse outcome for users.
I would also like this. I would like to allow my users to enter an arbitrary command to execute. In essence I'm basically wanting to build a better terminal... kind of. The important part is that the commands are being explicitly entered by the user, and executed on their behalf.
The bit I don't get about this restriction is that it doesn't actually prevent Tauri programs from executing arbitrary code. I can still do it with a rust command. What it means is that anyone who wants to do it has to implement it themselves, and probably do a worse job - which is presumably a worse outcome for users.
:rofl: It's just security, if you want to break it, write the word "confirm" a hundred lines long.
It's probably to allow people to use unsanitized input in the command creation... which aint wrong but having some possibility to skip the validation would be beneficial.
The bit I don't get about this restriction is that it doesn't actually prevent Tauri programs from executing arbitrary code. I can still do it with a rust command. What it means is that anyone who wants to do it has to implement it themselves, and probably do a worse job - which is presumably a worse outcome for users.