Comment by bonyt
2 years ago
If you want this to be a little safer, instead of just those guardrails to prevent semicolons and such, you can split the command into an array of arguments, and use subprocess.Popen. It won't execute through a shell, so you don't have to worry about shell injection[1]. Though I'm sure there are unsafe ways to invoke ffmpeg anyway.
[1]: https://docs.python.org/3/library/subprocess.html#security-c...
I'd rather manually review all AI-generated command before running it.
I'm pretty sure you can dump a stream without transcoding directly to a file, and the stream can be sourced from an url, and the destination file can be users ssh authorized_keys
And the GPT-4 API would want to respond with an output to do that when that isn't what the user asked for?
I am almost certain one can find a seed+temperature pair that will result in such output given a non-malicious prompt.
4 replies →
Or do a second query to ask whether the command is safe to execute.
Then do a third query to determine whether the answer to the second query was trustworthy.
still awaiting the induction step.
I really wish there was a native way to provide a suggested command to run next, and then let your own shell deal with it, after the user’s Enter keypress.
http://openinterpreter.com will just run commands for you
Please, do not use subprocess.Popen. Use something like plumbum, way safer and more robust.
If you can make a python program which only uses stdlib, it becomes wonderfully portable and easy to work with. Also, significantly more people use stdlib, there is more knowledge on the internet, and xz-style supply chain attacks are significantly less likely.
This is why my advice to everyone is to use python's stdlib as much as possible, and avoid using Python's external libraries unless they significantly simplify code.
Plumbum seems nice (and also is packaged in debian/ubuntu, which is a plus), but it does not seem to be significantly safer than correctly written subprocess code, and it won't even save that much lines in this particular example.
I agree and disagree. Python’s Subprocess has been the reason for many unfortunate, time-consuming bugs among users who think they are properly executing external commands, but that in end cannot realize their logic are full of errors, with no indication that something went bad.
I agree that a standard interface is always better, however not at the cost of productivity. A better than the current Subprocess interface is needed, and I think plumbum is the direction to go.
1 reply →
quoting is the enemy.
shlex.quote all the things. So many dumb problems solved trying to manually escape shell commands.