Re: Octave Server

help-octave

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Octave Server

From:	Tom Weichmann
Subject:	Re: Octave Server
Date:	Fri, 16 Jul 2004 22:24:48 -0700
User-agent:	KMail/1.6.2

On Friday 16 July 2004 07:07 pm, Paul Kienzle wrote:
> On Jul 16, 2004, at 10:49 PM, Tom Weichmann wrote:
> > Hello,
> >
> > Those of you that have been around here for a while might remember in
> > 2000 I
> > did some research for the State University College at Buffalo during
> > which I
> > developed a CGI-PERL interface to octave.  I have this code still and
> > have
> > been meaning to do something with it, but have not been able to find
> > the
> > time.  Does anyone out there have some web space and would like to
> > have this
> > code to release to the public?
> >
> > I guess that there are two parts:
> >
> > 1. The PERL program which runs Octave.
> > ~25kB
>
> There is also octave-forge/extra/perl.  I have no idea if the
> functionality
> overlaps with your cgi-perl stuff.
>
> > 2.  A complete environment to run the server in.
> > For security reasons this is best run in a chroot environment,  I have
> > a copy
> > of the complete environment that I was using during my testing.  All
> > of the
> > binaries are static and will run on any system.
>
> It would be easy to write a DLD-function which
> strips builtins from the interpreter, including
> file access and all the OS functions.
>
> Going to the next level and checking the entire
> code base for possible buffer overflows is not
> something I want to contemplate.
>
> And DOS attacks are trivial:
>
>       send rand(1000)*rand(1000);
>
> Paul Kienzle
> address@hidden

Yeah, that is why I used sbox (http://stein.cshl.org/software/sbox/)

I do not remember all of the functionality of it right now, but you can set a 
max amount of memory and CPU time (I think) for each process.  Also, I would 
never run this on the internet.  Only on some campus box that is just there 
for the convenience of the students.  That way there is not too much reason 
to DOS it.








>
>
>
> -------------------------------------------------------------
> Octave is freely available under the terms of the GNU GPL.
>
> Octave's home on the web:  http://www.octave.org
> How to fund new projects:  http://www.octave.org/funding.html
> Subscription information:  http://www.octave.org/archive.html
> -------------------------------------------------------------



-------------------------------------------------------------
Octave is freely available under the terms of the GNU GPL.

Octave's home on the web:  http://www.octave.org
How to fund new projects:  http://www.octave.org/funding.html
Subscription information:  http://www.octave.org/archive.html
-------------------------------------------------------------

[Prev in Thread]

Current Thread

[Next in Thread]

Octave Server, Tom Weichmann, 2004/07/16
- Re: Octave Server, Paul Kienzle, 2004/07/16
  - Re: Octave Server, Tom Weichmann <=

Prev by Date: Octave Server
Next by Date: How to 'overload' functions
Previous by thread: Re: Octave Server
Next by thread: How to 'overload' functions
Index(es):
- Date
- Thread