On Thu, May 21, 2009 at 02:47:54PM -0400, Mike Blackstock wrote:
Of course, 'security' is relative - nothing will stop a commited
hacker who's targeted your system, so I'm a bit mystified by
some of the other responses here.
That's not true -- The only reason that computer security is a
joke
Graham Percival wrote:
On Thu, May 21, 2009 at 02:47:54PM -0400, Mike Blackstock wrote:
Of course, 'security' is relative - nothing will stop a commited
hacker who's targeted your system, so I'm a bit mystified by
some of the other responses here.
That's not true -- The only reason
On 22 May 2009, at 14:43, Graham Percival wrote:
Of course, 'security' is relative - nothing will stop a commited
hacker who's targeted your system, so I'm a bit mystified by
some of the other responses here.
That's not true -- The only reason that computer security is a
joke is that people
Actually we're in agreement; as you put it, a %100 secure system is beyond
the means of
most people.
So I'll 'rephrase what I wrote earlier : Although theoretically possible,
real world considerations
are such that a %100 secure publicly- accessible webserver that is within
the financial means of
Graham Percival wrote:
On Wed, May 20, 2009 at 10:42:28AM +0100, Alex wrote:
An alternative for my own context could be to just offer a subset of
lilypond functionality, and reject any output that goes beyond that.
This is what -dsafe does. However, this disallows many useful
On Thu, May 21, 2009 at 11:41:36AM +0100, Alex wrote:
Yeah, I've just been looking at safe-lily.scm which appears to filter
any given module against the safe funcs
Also I saw the bit that bans include files when in safe mode.
So, the CPU style DoS attack aside, do the above two cover all
On Thu, May 21, 2009 at 11:41:36AM +0100, Alex wrote:
Graham Percival wrote:
On Wed, May 20, 2009 at 10:42:28AM +0100, Alex wrote:
This is what -dsafe does. However, this disallows many useful
tweaks, and also doesn't stop a particular snippet from using
massive CPU resources. To
Matthias Kilian wrote:
On Thu, May 21, 2009 at 11:41:36AM +0100, Alex wrote:
Yeah, I've just been looking at safe-lily.scm which appears to filter
any given module against the safe funcs
Also I saw the bit that bans include files when in safe mode.
So, the CPU style DoS attack aside, do
On Thu, May 21, 2009 at 8:38 AM, Matthias Kilian k...@outback.escape.de wrote:
On Thu, May 21, 2009 at 11:41:36AM +0100, Alex wrote:
Yeah, I've just been looking at safe-lily.scm which appears to filter
any given module against the safe funcs
Also I saw the bit that bans include files when
No problem; if you do implement a chroot jail, the Sessink kit will make it
relatively painless.
Of course, 'security' is relative - nothing will stop a commited hacker
who's targeted your system, so I'm a bit
mystified by some of the other responses here. The original question was how
to prevent
This might sound like nitpicking, but since security's concerned, I want
to be absolutely clear.
On Tue, May 19, 2009 at 01:08:28PM -0400, Mike Blackstock wrote:
Furthermore, you just limit the number of utilities you put in the
/bin directories; if you don't have the 'rm' command in there,
Daniel Hulme wrote:
This might sound like nitpicking, but since security's concerned, I want
to be absolutely clear.
On Tue, May 19, 2009 at 01:08:28PM -0400, Mike Blackstock wrote:
Furthermore, you just limit the number of utilities you put in the
/bin directories; if you don't have the
Install Lilypond in its own chroot jail using Olivier Sessink's
jailkit available
at http://olivier.sessink.nl/jailkit/ A 'chroot jail' means putting Lilypond on
its own filesystem so that nefarious activity - such as deleting
arbitrary files -
will be limited to the Lilypond file system.
I'm wanting to run lilypond behind a web interface as a free tool that
anyone can use. The proof-of-concept seems to work fine. Now I'm
thinking of security considerations. In particular, what input to
lilypond is possible that could have nuisance or destructive effect?
lex
2009/5/18 Alex lilypond-u...@ohmslaw.org.uk:
I'm wanting to run lilypond behind a web interface as a free tool that
anyone can use. The proof-of-concept seems to work fine. Now I'm
thinking of security considerations. In particular, what input to
lilypond is possible that could have nuisance
#(system 'rm -rf /')
or something like that.
Search the mailist archives on this list and the -devel list for a
discussion. In summary:
1) somebody could wipe out anything that the web interface
software can touch.
3) somebody could read anything that the web interface software
can read.
2)
Joseph Haig wrote:
2009/5/18 Alex lilypond-u...@ohmslaw.org.uk:
I'm wanting to run lilypond behind a web interface as a free tool that
anyone can use. The proof-of-concept seems to work fine. Now I'm
thinking of security considerations. In particular, what input to
lilypond is possible that
Graham Percival wrote:
#(system 'rm -rf /')
or something like that.
Search the mailist archives on this list and the -devel list for a
discussion. In summary:
1) somebody could wipe out anything that the web interface
software can touch.
3) somebody could read anything that the web interface
Francisco Vila wrote:
2009/5/18 Alex lilypond-u...@ohmslaw.org.uk:
Clearly I'll have to be very careful about what is permitted!
When you say that you know how to solve these issues - can you elaborate
please? Do you mean in terms of the changes required to lilypond to enable a
locked down
19 matches
Mail list logo