I haven't tested this code, and definitely don't do this.
This code is intended to lets attackers run any shell command by sending JSON with a "debug_command" field - similar to Log4J, it's a "feature" being misused rather than a memory bug that Rust would catch.
```rust
use serde_json::Value;
use std::process::Command;
fn process_log_entry(log: &str) {
// UNSAFE: Allows command injection
if let Ok(json) = serde_json::from_str::<Value>(log) {
if let Some(cmd) = json.get("debug_command") {
Command::new("sh")
.arg("-c")
.arg(cmd.as_str().unwrap_or(""))
.output()
.unwrap();
}
}
}
```
I feel like Rust has a different development culture than Java and Java devs are more likely to want to build some abstraction that does everything and loads classes from the network into the runtime.
That's not the same thing. You can call a shell command from any language. The log4j problem was that you could load arbitrary classes from the internet into the memory of the current process, which is a much more severe problem.
Sure, in a general purpose language, like Java, or Rust, or C++ you can indeed do "basically anything you want" that's why it's called general purpose, your purpose might be to run arbitrary code you found on the Internet, so, that's a thing you can do. If you can't it's not general purpose.
In a number of applications this means you do not actually want a general purpose language which is why WUFFS makes sense.
But, even when you don't have that constraint it's reasonable to ask: How easy was it to make a thing you didn't intend, by accident ?
I haven't tested this code, and definitely don't do this.
This code is intended to lets attackers run any shell command by sending JSON with a "debug_command" field - similar to Log4J, it's a "feature" being misused rather than a memory bug that Rust would catch.