Module exec

Expand description

exec:* stage implementation. Exec action stage.

Stage identity syntax:

exec:<program>
exec:<program>|<arg1>|<arg2>|...

This stage forwards the input bytes unchanged while also spawning <program> when policy allows side effects. The input bytes are written to the child process’s stdin.

Safety:

Disabled by default.
To enable, set BYTEOR_EXEC_ALLOWLIST to a comma-separated list of allowed program strings. The <program> in the stage key must exactly match one of the entries.

Structs§

ExecCmd: Parsed exec:* stage identity.
ExecStage: Exec action stage.

Constants§

BYTEOR_EXEC_ALLOWLIST_ENV: Environment variable containing a comma-separated allowlist of programs.
BYTEOR_EXEC_TIMEOUT_ENV: Environment variable overriding the exec timeout.
EXEC_PREFIX: Prefix for exec stage keys.

Functions§

parse_exec_cmd: Try to parse an exec:<program> or exec:<program>|arg|... stage key.

Module exec

Module exec Copy item path

Structs§

Constants§

Functions§

Module exec