I have never tried modifying a web browser but is it possible to embed a program as a DOM element?
The simplest example would be to take that stupid Calculator program in Start>Applications and just place it in the top left hand corner of the browser. I don't need it to communicate with the browser, just sit there and be interactive.
What I really need is ssh access via a terminal (ie. Putty or Linux command line) but I don't want to use Anyterm or Ajaxterm which is incredibly slow. Similarly I don't want to force the user to open a new terminal. Although functionally it would be the same, it doesn't look or feel the same.
I'm sure there's a way to do this, I just have no idea where to start looking.
Cheers
In principle, it is possible. You would use some program which will be executed by some browser plugin (or other browser-specific mechanism) - or do this fully in JavaScript.
Possible mechanisms would be Flash (which will be executed by the browser's Flash plugin), or a Java applet (which will normally be executed by the Java plugin, though some browsers (like Konqueror) have their own way of embedding Java applets).
For client SSH access with a terminal, done in Java, an almost ready solution would be JCTerm, together with JSch (both from JCraft).
Related
creation of a website through which can access Linux server and where can execute some operations like executing scripts, firing up some commands. need some expert guidance with some concepts.just guide me how can i achieve through, i have goggled a lot unable to get the proper concepts or methods. or is it even possible.
Have you considered using something along the lines of VNC or SSH? As JNevill pointed out, either of these methods would be infinitely more secure. Also, consider using something like cron for scheduled jobs.
However, sometimes a webpage for running a program on a server may be acceptable. e.g. IoT project. To do this, you would setup an API page using a back-end language like PHP (recommended if you're using Linux). In the back-end language you would check your user credentials, and then run the command.
Some guidelines in doing this:
Never allow commands to be entered on the webpage, only allow tasks to be completed using controlled inputs like buttons, selectboxes and sliders. i.e. a button to get an Arduino to close your garage door, or a slider to dim/brighten a light bulb, or a button to start a program to index something, etc.
None of these "command buttons" should ever do anything harmful. i.e. delete a folder or file.
I am trying to make an application that runs submitted scripts, and would like to try to sandbox the submitted scripts. The scripts need to be able to be able to read in a certain directory (and in all of its subdirectories), but shouldn't be able to write at all, and, other than being able to read, should not be able to do anything that could not be done in a browser (ie download files using http). How would I go about doing this?
I don't think Node has this capability built in, but you should be able to run an "unsandboxed" Node on a *nix operating system as a severely restricted user (might be possible in other OSes too, I'm not sure). You might also want to look at Node's VM module.
Eventually, I decided on using the vm node module. I basically just made a namespace that the script running in the sandbox could use that would filter out malicious requests / requests that ought to be out of the bounds of the sandbox. The namebox included fs methods that would be necessary, but failed to execute any of the ones that would modify any directory other than the certain one that I wished the script to be able to modify.
I usually use PuTTY to execute commands on a Linux machine. But I wish to make a webpage from where I can execute specific commands on a Linux machine by simple button clicks.
What are the various options available and what is the one that is easy to implement?
This depends on the kind of server you are running. But almost all servers have some kind of CGI support or an equivalent. Keep in mind that this can often cause a security issue.
I don't think you can and should try to embed script code in your page.
The best suggestion may be to hyperlink a script file and let the user get it from your server.
Just put that file on the server and then hyperlink it.
securewebcmd can do this for you
can use http or https
password protected
password not transmitted in clear, even using http (hashes the commandline with the password, and server does the same thing, using its copy of the password, and only runs the command, if the hashes match)
can queue commands, which run sequentially
can view results of any of the commands you've run earlier, even if you restart the server
uses nodejs: no dependency on any heavyweight server, ie no need for apache, jboss etc ...
I've been looking into this, as far as how I can run selenium browser instances in the background. I found some things about using a virtual GUI instance, or something like that, but it was all for Windows.
I'm using Ubuntu linux so I'm wondering what the easiest way would be to suppress the actual browser instances showing up for the user who started the selenium instances since I am threading like 25 of these, at the moment, and its kind of strange / annoying having all of them open.
Thanks for any advice.
If you are using Firefox you can do *custom path/to/browser --display=:0. If you want to use other browsers and writing your tests in java you can use htmlunit and specify the capabilities. If you are using ruby you can use capybara in a similar way to htmlunit.
There is a possibility to run it in a virtual window system (Xvfb).
You might find something interesting here: http://wiki.openqa.org/display/SRC/Selenium-RC+and+Continuous+Integration
There are samples at the bottom of the page.
We're going to try that out pretty soon!
Good luck!
I have a UI app (uses GTK) for Linux that requires to be run as root (it reads and writes /dev/sd*).
Instead of requiring the user to open a root shell or use "sudo" manually every time when he launches my app, I wonder if the app can use some OS-provided API to get root permissions. (Note: gtk app's can't use "setuid" mode, so that's not an option here.)
The advantage here would be an easier workflow: The user could, from his default user account, double click my app from the desktop instead of having to open a root terminal and launch it from there.
I ask this because OS X offers exactly this: An app can ask the OS to launch an executable with root permissions - the OS (and not the app) then asks the user to input his credentials, verifies them and then launches the target as desired.
I wonder if there's something similar for Linux (Ubuntu, e.g.)
Clarification:
So, after the hint at PolicyKit I wonder if I can use that to get r/w access to the "/dev/sd..." block devices. I find the documention quite hard to understand, so I thought I'd first ask whether this is possible at all before I spend hours on trying to understand it in vain.
Update:
The app is a remote operated disk repair tool for the unsavvy Linux user, and those Linux noobs won't have much understanding of using sudo or even changing their user's group memberships, especially if their disk just started acting up and they're freaking out. That's why I seek a solution that avoids technicalities like this.
The old way, simple but now being phased out, is GKSu. Here is the discussion on GKSu's future.
The new way is to use PolicyKit. I'm not quite sure how this works but I think you need to launch your app using the pkexec command.
UPDATE:
Looking at the example code on http://hal.freedesktop.org/docs/polkit/polkit-apps.html, it seems that you can use PolicyKit to obtain authorization for certain actions which are described by .policy files in /usr/share/polkit-1/actions. The action for executing a program as another user is org.freedesktop.policykit.exec. I can't seem to find an action for directly accessing block devices, but I have to admit, the PolicyKit documentation breaks my brain too.
So, perhaps the simplest course of action for you is to separate your disk-mangling code that requires privileges into a command-line utility, and run that from your GUI application using g_spawn_[a]sync() with pkexec. That way you wouldn't have to bother with requesting actions and that sort of thing. It's probably bad practice anyway to run your whole GUI application as root.
Another suggestion is to ask the author of PolicyKit (David Zeuthen) directly. Or try posting your question to the gtk-app-devel list.