Le 16 janv. 07 à 20:07, David Welton a écrit :
Hi dave,
.../... you could use Tcl's safe interpreters, wrapping requests in
those.... That shouldn't be too difficult. Perhaps in the safe
interpreters, you could make some commands available that
only open files in the user's directories. I think something is
doable,
but you'll have to work at it a bit.
If I understand well this page: http://www.tcl.tk/man/tcl8.4/TclCmd/
safe.htm all I need could be done if Rivet creates safe interp with -
accessPath set to Virtual Host DocumentRoot and with -nested true.
This would:
- prevent to source / load files outside DocumentRoot
- only allow system tcl packages
- prevent use of dangerous commands (exec, open, ...)
But as I don't know Rivet internals, I don't know if it's possible
and/or if it would break something. Moreover, as I don't know C nor
itcl I'm unable to do it myself.
Anyway, I think this feature should be added (and set by default to
safe interp in RivetServerConf) in future releases.
--
David Zolli
[EMAIL PROTECTED]
http://www.kroc.tk
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
