A agree. Apps should be sandboxed as much as possible. Unfortunately the option we have in PHP are relatively limited. But we should do what we can.
Frank On 10.04.2012, at 15:58, Georg Ehrke <[email protected]> wrote: > Hi, > > in my opinion we should think anyhow about a kind of sandboxing for apps. > > Cheers, > Georg > > Am 10.04.2012 um 09:12 schrieb Michiel de Jong: > >> this would be solved if we had regression tests. then there would be a >> test saying 'deploy should work even if the doc root is not writable', >> and nobody would be able to break anybody else's code, whether part of >> an app or part of core. >> >> i'll fix this bug and also add that regression test, but then someone >> needs to run these regression tests on the master branch. has a >> decision been taken about that on Saturday? >> >> On Tue, Apr 10, 2012 at 2:29 PM, Klaas Freitag <[email protected]> wrote: >>> Hi, >>> >>> user_webfinger install.php breaks head for me if I start a fresh setup: >>> >>> [Tue Apr 10 14:22:42 2012] [error] [client ::1] PHP Warning: >>> fopen(/srv/www/htdocs/.well-known/host-meta): failed to open stream: No such >>> file or directory in >>> /home/kf/oC/owncloud/apps/user_webfinger/appinfo/install.php on line 35, >>> referer: http://localhost/oc/ >>> >>> In my setup, the webserver doc root is not writeable (for whatever reason). >>> >>> But what bothers me more is that an app can stop the whole ownCloud from >>> being functional. The first question is why is the install of user_webfinger >>> performed at all? Is it default? If yes, ok :-) If not, the install.php >>> should'nt run on a fresh setup, right? >>> >>> The other, more interesting thing is: Can we somehow jail apps (at least non >>> default ones) and avoid that the whole ownCloud is stopped from being >>> functional. In perl, you would put an eval{ } statement around the script, >>> do we have that for php also? >>> >>> Thanks, >>> >>> Klaas >>> >>> _______________________________________________ >>> Owncloud mailing list >>> [email protected] >>> https://mail.kde.org/mailman/listinfo/owncloud >> _______________________________________________ >> Owncloud mailing list >> [email protected] >> https://mail.kde.org/mailman/listinfo/owncloud > > _______________________________________________ > Owncloud mailing list > [email protected] > https://mail.kde.org/mailman/listinfo/owncloud _______________________________________________ Owncloud mailing list [email protected] https://mail.kde.org/mailman/listinfo/owncloud
