堆栈内存溢出
  简体   繁体   English

通过 GET 请求在服务器上执行 Python 命令

[英]Execute Python commands on a server via a GET request

 原文  2020-06-23 20:59:46       python/ django/ linux/ flask

问题描述

On My server, i have installed spleeter which is a python app.在我的服务器上,我安装了 spleeter,它是一个 python 应用程序。 I am able to successfully call the spleeter commands in my terminal to execute my required commands.我能够在终端中成功调用 spleeter 命令来执行我需要的命令。

I want to be able to execute those terminal commands with an http get request.我希望能够使用 http 获取请求来执行这些终端命令。

Basically, i have an android app thats supposed to make a Get request to my vps server which executes the spleeter commands and returns the response.基本上,我有一个 android 应用程序,它应该向我的 vps 服务器发出 Get 请求,该服务器执行 spleeter 命令并返回响应。

Please how can i create the Get endpoint.请我如何创建 Get 端点。 I need pointer please.我需要指针。

1 个解决方案

解决方案1
 1  2020-06-23 21:26:12

So, in the most simplistic sense, you can create a python web app (using Django, Flask or raw Python, etc.) that serves an HTTP endpoint. So, in the most simplistic sense, you can create a python web app (using Django, Flask or raw Python, etc.) that serves an HTTP endpoint. In that web app, you can do something like this that will run commands inside a python function, depending on the contents of the GET request:在该 web 应用程序中,您可以执行以下操作,在 python function 中运行命令,具体取决于 GET 请求的内容:

   import os

   def run_command(command):
      if command = "ls":
         os.system('ls -l')
   ...

The only problem here is that, without authentication, this is horribly insecure.这里唯一的问题是,如果没有身份验证,这是非常不安全的。 Anyone with access to the internet could call your endpoint and run those commands, unless you add some sort of authentication into your Android and/or Python app to validate requests.任何有权访问互联网的人都可以调用您的端点并运行这些命令,除非您在 Android 和/或 Python 应用程序中添加某种身份验证来验证请求。

Even passing a simple "token" in a custom HTTP header from the app to the web server might be better than nothing to verify it is a legit user sending the command.即使在自定义 HTTP header 中将一个简单的“令牌”从应用程序传递到 web 服务器,也总比没有验证它是发送命令的合法用户要好。

The other problem here is that the Python (or web server) user has to have permissions to run the command, that is another security issue altogether.这里的另一个问题是 Python(或 web 服务器)用户必须具有运行该命令的权限,这完全是另一个安全问题。

Alternatively, you could have the endpoint store the commands it received via GET requests into a Redis queue or something, and then have a separate script running locally validate the commands and run them on the system so at least you separate the web portion from the server user portion.或者,您可以让端点将通过 GET 请求接收到的命令存储到 Redis 队列或其他东西中,然后在本地运行一个单独的脚本来验证命令并在系统上运行它们,这样至少您将 web 部分与服务器分开用户部分。

Without more details, it is hard to know exactly what you want to accomplish.没有更多细节,很难确切地知道你想要完成什么。

Reference: https://janakiev.com/blog/python-shell-commands/参考: https://janakiev.com/blog/python-shell-commands/

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何通过 python 脚本在可执行文件中执行命令 - How to execute commands in exucutable via python script Python子进程执行远程服务器命令 - Python subprocess to execute remote server commands 有没有一种方法可以通过PyVMomi在VMWare服务器上执行Shell命令 - Is there a way to execute shell commands on VMWare server via PyVMomi 使用python脚本通过telnet在远程主机上执行命令 - Execute commands on remote host via telnet with python script 如何在服务器中执行迭代命令而不使用 python 登录服务器 - How to execute iterective commands in the server without login into the server using python 如何编写可以获取和执行python命令的python脚本? - How to write a python script that can get and execute python commands? 在Python中按顺序执行命令? - Execute Commands Sequentially in Python? 用python执行linux命令 - execute linux commands with python Python执行HTTP命令 - Python execute HTTP commands 在 Python Paramiko 中的 SSH 服务器上的辅助 shell/命令中执行(子)命令 - Execute (sub)commands in secondary shell/command on SSH server in Python Paramiko
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM