<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">Greg,<div class=""><br class=""></div><div class="">I think we can improve the reliability of Duktape calls. At the moment, we let their normal abort handlers do their thing - and that is a complete abort and CPU reset. There are hooks in Duktape to catch those exceptions and handle appropriately. I’ll have a look at it when I have more time.</div><div class=""><br class=""></div><div class="">Regards, Mark.<br class=""><div><br class=""><blockquote type="cite" class=""><div class="">On 12 Mar 2018, at 1:39 AM, Greg D. <<a href="mailto:gregd2350@gmail.com" class="">gregd2350@gmail.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class="">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" class="">
<div text="#000000" bgcolor="#FFFFFF" class="">
Thanks for the change. Back before I had the flash corruption (and
had to erase everything and start over), I had a module password
set. All the event scripts, including system.start, had to begin
with an "enable blablabla" statement, in clear text. That felt
really wrong.<br class="">
<br class="">
What about scripts that are launched by other tasks, e.g. the
Duktape scripts that the obd2ecu task can use to customize metrics?
I presume they are the same (run as secure), right? But, it's
really easy for them to crash the system with a stack overflow or
random Duktape error. Best bet would be to catch these and just
return zero, but right now it's a very fragile system. Would those
errors (which could occur some randomly long time after boot, e.g. a
metric-based divide-by-zero) trigger the disabling of auto init?<br class="">
<br class="">
Greg<br class="">
<br class="">
<br class="">
<div class="moz-cite-prefix">Mark Webb-Johnson wrote:<br class="">
</div>
<blockquote type="cite" cite="mid:C1260E7E-B3F7-44D6-8B3C-41D87D0D1062@webb-johnson.net" class="">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" class="">
<div class=""><br class="">
</div>
It seems that event scripts are run in insecure console mode. That
doesn’t seem right.
<div class=""><br class="">
</div>
<div class="">I thought we were protecting these so that only
secure commands could create these scripts (vfs edit, append,
cp, etc), but the scripts themselves ran secure? Otherwise, on a
module with a password, how do you run scripts on startup?
Putting ‘enable …’ in the script itself is inherently insecure.</div>
<div class=""><br class="">
</div>
<div class="">Anyway, I changed it to run these event scripts in
secure mode. If that’s not right, let’s discuss it here…</div>
<div class=""><br class="">
</div>
<div class="">The other issue here is that these scripts may crash
the system, so perhaps they should follow the ‘auto’ system as
well? Only run event scripts if a corresponding ‘auto’ config is
set (can default to true), and the auto system is not
temporarily disabled due to too many crashes?</div>
<div class=""><br class="">
</div>
<div class="">Regards, Mark.<br class="">
<div class=""><br class="">
<blockquote type="cite" class="">
<div class="">Begin forwarded message:</div>
<br class="Apple-interchange-newline">
<div style="margin-top: 0px; margin-right: 0px;
margin-bottom: 0px; margin-left: 0px;" class=""><span style="font-family: -webkit-system-font, "Helvetica Neue", Helvetica, sans-serif;" class=""><b class="">From: </b></span><span style="font-family: -webkit-system-font, Helvetica Neue,
Helvetica, sans-serif;" class="">GitHub <<a href="mailto:noreply@github.com" class="" moz-do-not-send="true">noreply@github.com</a>><br class="">
</span></div>
<div style="margin-top: 0px; margin-right: 0px;
margin-bottom: 0px; margin-left: 0px;" class=""><span style="font-family: -webkit-system-font, "Helvetica Neue", Helvetica, sans-serif;" class=""><b class="">Subject: </b></span><span style="font-family: -webkit-system-font, Helvetica Neue,
Helvetica, sans-serif;" class=""><b class="">[openvehicles/Open-Vehicle-Monitoring-System-3]
037bdd: OVMS event scripts are run in secure mode</b><br class="">
</span></div>
<div style="margin-top: 0px; margin-right: 0px;
margin-bottom: 0px; margin-left: 0px;" class=""><span style="font-family: -webkit-system-font, "Helvetica Neue", Helvetica, sans-serif;" class=""><b class="">Date: </b></span><span style="font-family: -webkit-system-font, Helvetica Neue,
Helvetica, sans-serif;" class="">11 March 2018 at
9:20:54 PM HKT<br class="">
</span></div>
<div style="margin-top: 0px; margin-right: 0px;
margin-bottom: 0px; margin-left: 0px;" class=""><span style="font-family: -webkit-system-font, "Helvetica Neue", Helvetica, sans-serif;" class=""><b class="">To: </b></span><span style="font-family: -webkit-system-font, Helvetica Neue,
Helvetica, sans-serif;" class=""><a href="mailto:mark@webb-johnson.net" class="" moz-do-not-send="true">mark@webb-johnson.net</a><br class="">
</span></div>
<div style="margin-top: 0px; margin-right: 0px;
margin-bottom: 0px; margin-left: 0px;" class=""><span style="font-family: -webkit-system-font, "Helvetica Neue", Helvetica, sans-serif;" class=""><b class="">Reply-To: </b></span><span style="font-family: -webkit-system-font, Helvetica Neue,
Helvetica, sans-serif;" class="">GitHub <<a href="mailto:noreply@github.com" class="" moz-do-not-send="true">noreply@github.com</a>><br class="">
</span></div>
<br class="">
<div class="">
<div class=""> Branch: refs/heads/master<br class="">
Home: <a href="https://github.com/openvehicles/Open-Vehicle-Monitoring-System-3" class="" moz-do-not-send="true">https://github.com/openvehicles/Open-Vehicle-Monitoring-System-3</a><br class="">
Commit: 037bddc3e6efa60c70c1fca36b0e0400c87bafe1<br class="">
<a href="https://github.com/openvehicles/Open-Vehicle-Monitoring-System-3/commit/037bddc3e6efa60c70c1fca36b0e0400c87bafe1" class="" moz-do-not-send="true">https://github.com/openvehicles/Open-Vehicle-Monitoring-System-3/commit/037bddc3e6efa60c70c1fca36b0e0400c87bafe1</a><br class="">
Author: Mark Webb-Johnson <<a href="mailto:mark@webb-johnson.net" class="" moz-do-not-send="true">mark@webb-johnson.net</a>><br class="">
Date: 2018-03-11 (Sun, 11 Mar 2018)<br class="">
<br class="">
Changed paths:<br class="">
M vehicle/OVMS.V3/main/ovms_script.cpp<br class="">
<br class="">
Log Message:<br class="">
-----------<br class="">
OVMS event scripts are run in secure mode<br class="">
<br class="">
<br class="">
</div>
</div>
</blockquote>
</div>
<br class="">
</div>
<br class="">
<fieldset class="mimeAttachmentHeader"></fieldset>
<br class="">
<pre wrap="" class="">_______________________________________________
OvmsDev mailing list
<a class="moz-txt-link-abbreviated" href="mailto:OvmsDev@lists.teslaclub.hk">OvmsDev@lists.teslaclub.hk</a>
<a class="moz-txt-link-freetext" href="http://lists.teslaclub.hk/mailman/listinfo/ovmsdev">http://lists.teslaclub.hk/mailman/listinfo/ovmsdev</a>
</pre>
</blockquote>
<br class="">
</div>
_______________________________________________<br class="">OvmsDev mailing list<br class=""><a href="mailto:OvmsDev@lists.teslaclub.hk" class="">OvmsDev@lists.teslaclub.hk</a><br class="">http://lists.teslaclub.hk/mailman/listinfo/ovmsdev<br class=""></div></blockquote></div><br class=""></div></body></html>