On Sun, Aug 23 2009, andrew mcelroy wrote:
> I have been working on taking over _why's Try Ruby program.
> Essentially, it is a webpage that employs Ajax to talk to a Ruby interpreter
> on a server to give you an interactive shell.
> This interactive shell would come with lessons that would teach basic ruby
> scripting.
> The trouble I am running into is deciding how to best secure this program.
> I noticed that it allows for the use of the system method; and yes I have
> been able to read /etc/passwd.
The obvious solution appears to be mandatory, role-based access
controls; SELinux would do everything you want. Chroots are not really
meant for security, and virtual machines are overkill.
For instance, see http://www.coker.com.au/selinux/play.html
He gives out root passwords on the web page.
manoj
--
drug, n: A substance that, injected into a rat, produces a scientific
paper.
Manoj Srivastava <[email protected]> <http://www.debian.org/~srivasta/>
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C