Thanks for the change.  Back before I had the flash corruption (and had to erase everything and start over), I had a module password set.  All the event scripts, including system.start, had to begin with an "enable blablabla" statement, in clear text.  That felt really wrong.

What about scripts that are launched by other tasks, e.g. the Duktape scripts that the obd2ecu task can use to customize metrics?  I presume they are the same (run as secure), right?  But, it's really easy for them to crash the system with a stack overflow or random Duktape error.  Best bet would be to catch these and just return zero, but right now it's a very fragile system.  Would those errors (which could occur some randomly long time after boot, e.g. a metric-based divide-by-zero) trigger the disabling of auto init?

Greg


Mark Webb-Johnson wrote:

It seems that event scripts are run in insecure console mode. That doesn’t seem right.

I thought we were protecting these so that only secure commands could create these scripts (vfs edit, append, cp, etc), but the scripts themselves ran secure? Otherwise, on a module with a password, how do you run scripts on startup? Putting ‘enable …’ in the script itself is inherently insecure.

Anyway, I changed it to run these event scripts in secure mode. If that’s not right, let’s discuss it here…

The other issue here is that these scripts may crash the system, so perhaps they should follow the ‘auto’ system as well? Only run event scripts if a corresponding ‘auto’ config is set (can default to true), and the auto system is not temporarily disabled due to too many crashes?

Regards, Mark.

Begin forwarded message:

From: GitHub <noreply@github.com>
Subject: [openvehicles/Open-Vehicle-Monitoring-System-3] 037bdd: OVMS event scripts are run in secure mode
Date: 11 March 2018 at 9:20:54 PM HKT
To: mark@webb-johnson.net
Reply-To: GitHub <noreply@github.com>

 Branch: refs/heads/master
 Home:   https://github.com/openvehicles/Open-Vehicle-Monitoring-System-3
 Commit: 037bddc3e6efa60c70c1fca36b0e0400c87bafe1
     https://github.com/openvehicles/Open-Vehicle-Monitoring-System-3/commit/037bddc3e6efa60c70c1fca36b0e0400c87bafe1
 Author: Mark Webb-Johnson <mark@webb-johnson.net>
 Date:   2018-03-11 (Sun, 11 Mar 2018)

 Changed paths:
   M vehicle/OVMS.V3/main/ovms_script.cpp

 Log Message:
 -----------
 OVMS event scripts are run in secure mode





_______________________________________________
OvmsDev mailing list
OvmsDev@lists.teslaclub.hk
http://lists.teslaclub.hk/mailman/listinfo/ovmsdev