#12902: Security in Notebook
------------------------+---------------------------------------------------
Reporter: jcatumba | Owner: jason, mpatel, was
Type: defect | Status: new
Priority: critical | Milestone: sage-5.1
Component: notebook | Keywords: security
Work issues: | Report Upstream: N/A
Reviewers: | Authors:
Merged in: | Dependencies:
Stopgaps: |
------------------------+---------------------------------------------------
Hi, recently I'm writing a web interface to use Matlab on a server and
I've realized the security issues on that kind of project. By curiosity I
executed the command
`unix('ls -al')`
in the Sage Notebook at !http://www.sagenb.org using the optional Scilab
and I could see all files not only in the current directory but in the
whole machine. This worries me because is a serious security breach.
Regards
--
Ticket URL: <http://trac.sagemath.org/sage_trac/ticket/12902>
Sage <http://www.sagemath.org>
Sage: Creating a Viable Open Source Alternative to Magma, Maple, Mathematica,
and MATLAB
--
You received this message because you are subscribed to the Google Groups
"sage-trac" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/sage-trac?hl=en.
