dst2017 2016-10-01 19:03
浏览 33
已采纳

CLI还是程序的纯C / C ++库? [关闭]

Background / Context: I am developing a Linux NAS Server (Like FreeNAS or Rockstor) using Golang, the particular features will be a JSON-REST API so that you can interact with LVM2, shares, packages, etc.

Question: With respect to security, performance, and development time, what are the advantages / disadvantages / best practices of implmenting spawned processes or using a native library for certain features for a program?

Example: For my particular use case, the NAS management system will be using LVM2 to manage volumes. However you can use the CLI to manipulate volumes or you can attempt to use the LVM2 native C API and merge it with Golangs cgo package.

EDIT: Rephrased my question / information.

  • 写回答

1条回答 默认 最新

  • 普通网友 2016-10-01 19:26
    关注

    There are two things that may make using exec in the different variants a nogo: security and speed.

    • Security: If you shell out with system() or friends, you must be absolutely certain that you don't include any strings in the command that may do funny stuff with your command line. It's the same basic problem as SQL code injection, just at a much lower and even more disastrous layer (obligatory XKCD, just replace "'); DROP TABLE Students;--" with valid sh code along the lines of '"; echo "pwnd', well, you get the idea).

    • Speed: When you shell out to an existing program, you create a new process, and that may be the performance hit you cannot tolerate. It's perfectly ok if the task for which you shell out takes more than a few milliseconds (process creation is somewhere in the range of a millisecond on linux), but if you want more than a thousand calls per second, you definitely need to avoid this overhead.

    If these two points are taken care of or proven to be non-issues, then it's perfectly ok to shell out to other processes.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥50 有数据,怎么建立模型求影响全要素生产率的因素
  • ¥50 有数据,怎么用matlab求全要素生产率
  • ¥15 TI的insta-spin例程
  • ¥15 完成下列问题完成下列问题
  • ¥15 C#算法问题, 不知道怎么处理这个数据的转换
  • ¥15 YoloV5 第三方库的版本对照问题
  • ¥15 请完成下列相关问题!
  • ¥15 drone 推送镜像时候 purge: true 推送完毕后没有删除对应的镜像,手动拷贝到服务器执行结果正确在样才能让指令自动执行成功删除对应镜像,如何解决?
  • ¥15 求daily translation(DT)偏差订正方法的代码
  • ¥15 js调用html页面需要隐藏某个按钮