
Turn any program that uses stdin/stdout into a WebSocket server - feross
https://github.com/joewalnes/websocketd
======
archi42
1st thought: Reminds me of inetd Clicked link: This is inetd ;-)

Inetd on wikipedia:
[https://en.wikipedia.org/wiki/Inetd](https://en.wikipedia.org/wiki/Inetd)

Inetd on NVD:
[https://nvd.nist.gov/vuln/search/statistics?form_type=Basic&...](https://nvd.nist.gov/vuln/search/statistics?form_type=Basic&results_type=statistics&query=inetd&search_type=all)
I expected worse ;-)

------
schappim
This is a dupe.

For more comments checkout:
[https://news.ycombinator.com/item?id=19000109](https://news.ycombinator.com/item?id=19000109)

------
oriettaxx
It must be a big whole in security, 'cause it's really too good! :)

~~~
barrystaes
Exactly my thought. I wont be using this for exposed/public access. Which
websockets are.

First vector that comes to mind the stdin escape sequences, then there is the
inevitable leaking of sensitive information (besides bugs in the process, what
about its unhandled exceptions, segfaults, or other system errors), and then
there is the denial-of-service unless it can throttle before invoking a
process, and lets not forget about command injection.

But still i must say the idea is nice in simplicity..

~~~
beagle3
What stdin escape sequences?

~~~
jquast
terminal-related sequences?

but a websocket/PIPE fails isatty(3), so i don't think any kind of escape
sequences are possible, here.

