Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Run shell commands from scripts

janco
Champ in-the-making
Champ in-the-making

‎03-14-2008 09:26 AM

I was searching the alfresco wiki and forums, but didnt find anything about this.

Is it possible to run shell commands from scripts? I mean from the scripts that are in "Company Home > Data Dictionary > Scripts". I know its a javascript but as I am looking on the examples there looks like its accessing local resources (like spaces,docs etc.)
So again: Is it possible to run shell commands from scripts?

Thanks in advace

Jan
Labels:
0 Kudos
3 REPLIES 3

jbarmash
Champ in-the-making
Champ in-the-making

‎03-14-2008 10:29 AM

I would guess not (with about 60% confidence level). 

We use Rhino as an engine for server-side JavaScript.  The way it works is that you need explicitly expose certain Java objects as Java.  I don't believe low-level functionality of Java is exposed.

Even if it is possible, then it should not be, since that would introduce a security problem - people could then upload a script that starts interacting with the server file system - not a good idea.   I thought i saw some checkins recently around improving security of these scripts. 

On the other hand, the scripts that are deployed on a file system don't have the same security problem, but I am not sure if you could write to the filesystem from there.
0 Kudos

pmonks
Star Contributor
Star Contributor

‎03-14-2008 04:49 PM

You're spot on Jean.  Scripts stored in the repository run in a sandbox that prevents the code from doing anything dangerous (including things like calling Java APIs and, by extension, invoking OS commands / scripts) - this is to prevent users from uploading and running scripts that inadvertently or maliciously damage the system (or worse!).

That said, Alfresco v2.1.3 and above include a change that enables scripts stored wholely within the classpath to access native Java APIs (which allows all sorts of logic, including invocation of OS level commands / scripts).  The reasoning here is that if a developer has sufficient privileges to manipulate the Alfresco classpath, there's not a lot Alfresco can do to prevent inadvertent / malicious damage to the system by that person (since they have direct filesystem access to the server).
0 Kudos

mir4ge
Champ in-the-making
Champ in-the-making

‎03-15-2008 10:18 PM

Don't if the following can be useful to you… but…

I think that you could use the Java Runtime class ( http://java.sun.com/j2se/1.3/docs/api/java/lang/Runtime.html )
as a wrapper, passing your shell commands through strings…

You could refer to the source code of the RuntimeExecutableContentTransformer class ( http://wiki.alfresco.com/wiki/Content_Transformations )
which is embedded in Alfresco…
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC