Re: lilypond via web interface: security considerations
From: Matthias Kilian
Subject: Re: lilypond via web interface: security considerations
Date: Thu, 21 May 2009 13:38:59 +0200
User-agent: Mutt/1.4.2.3i

On Thu, May 21, 2009 at 11:41:36AM +0100, Alex wrote:
> Yeah, I've just been looking at safe-lily.scm which appears to filter
> any given module against the safe funcs....
> Also I saw the bit that bans include files when in safe mode.
> So, the CPU style DoS attack aside, do the above two cover all known
> vectors of attack?

Who knows? You've to audit *all* functions allowed in safe-lily.scm.
And you've to check every future change to those functions. I don't
believe that such a safe mode will ever be enough to make a program
really safe.

> >We'd like to add this functionality to lilypond itself, but that
> >takes more coding, of course. And such patches would need to be
> >examined very carefully; a badly-implemented security feature is
> >worse than no security feature at all!
> >
> Oh yeah. Not to be taken lightly!
> I suppose there could be an argument that protecting against resource
> hogging isn't in the remit of the lilypond itself - it's more a
> usage/context consideration - but it could be handy to have embedded in
> lilypond.

No, why? You can limit resource access (cpu, memory, disk, network)
from whatever starts lilypond. Adding such functionality to lilypond
makes the code more complex and error-prone.

Ciao,
Kili
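
Added example, not part of the original message or of LilyPond: one way the process that starts lilypond could impose CPU, memory and disk limits on it, using POSIX rlimits from Python on Linux. The `run_limited` helper, the limit values and the `score.ly` invocation are assumptions; rlimits do not restrict network access, which needs a separate OS-level control.

```python
import os
import resource
import subprocess
import tempfile

# Constructed example values; tune them for real scores.
LIMITS = {
    resource.RLIMIT_CPU: 10,             # seconds of CPU time
    resource.RLIMIT_AS: 1 << 30,         # bytes of address space (1 GiB)
    resource.RLIMIT_FSIZE: 16 << 20,     # bytes per file written (16 MiB)
    resource.RLIMIT_CORE: 0,             # no core dumps on disk
}


def _apply_limits(limits):
    # Runs in the child between fork() and exec(): the limits bind only
    # the untrusted job, not the web application that launches it.
    for res, value in limits.items():
        hard = resource.getrlimit(res)[1]
        if hard != resource.RLIM_INFINITY:
            value = min(value, hard)     # an unprivileged child cannot raise it
        resource.setrlimit(res, (value, value))


def run_limited(argv, files=None, limits=LIMITS, wall_seconds=30):
    """Run argv in a scratch directory under rlimits; return (status, code)."""
    with tempfile.TemporaryDirectory() as workdir:
        for name, text in (files or {}).items():
            # basename() keeps an uploaded name from escaping the scratch dir
            with open(os.path.join(workdir, os.path.basename(name)), "w") as fh:
                fh.write(text)
        try:
            proc = subprocess.run(
                argv, cwd=workdir,
                env={"PATH": "/usr/bin:/bin"},   # do not leak the server's env
                stdin=subprocess.DEVNULL, stdout=subprocess.DEVNULL,
                stderr=subprocess.DEVNULL,
                preexec_fn=lambda: _apply_limits(limits),
                timeout=wall_seconds,            # catches jobs that only sleep
            )
        except subprocess.TimeoutExpired:
            return "wall-clock timeout", None
    if proc.returncode < 0:
        # Negative code: killed by a signal such as SIGXCPU or SIGXFSZ
        return "killed by signal %d" % -proc.returncode, proc.returncode
    return ("ok" if proc.returncode == 0 else "failed"), proc.returncode


if __name__ == "__main__":
    # Hypothetical invocation; file name and contents are placeholders.
    print(run_limited(["lilypond", "score.ly"], files={"score.ly": "{ c' }"}))
```

The CPU limit does not stop a job that blocks without computing, which is why the wall-clock timeout is applied as well.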