I was wondering, if ParaviewWeb takes security concerns serious. Studying the server code, I found no measures against access to files outside of the specified --data-dir, against XSS or injection of arbitrary code in analogy to SQL injection.
Would you consider ParaviewWeb secure when the server is open to anybody in the internet, or is its purpose only to be run within intranets behind a firewall? Assuming that ParaviewWeb has not undergone any security audits, are there any commercial alternatives? Thank you Sven
_______________________________________________ Powered by www.kitware.com Visit other Kitware open-source projects at http://www.kitware.com/opensource/opensource.html Please keep messages on-topic and check the ParaView Wiki at: http://paraview.org/Wiki/ParaView Search the list archives at: http://markmail.org/search/?q=ParaView Follow this link to subscribe/unsubscribe: http://public.kitware.com/mailman/listinfo/paraview
