On Thursday, July 9, 2015 at 2:30:54 PM UTC-7, Anthony wrote: > > Keep in mind that this can be dangerous. An untrusted user can upload > malicious code and compromise your server. Even an innocent bug could do > some real damage. Priced with caution.
A robust way to do this would involve sandboxes, and perhaps special versions of system libraries. Linux containers and setroot features can help with this; I'm not sure how to sandboxing on Windows. And note that compromising *this computer *(the one you're uploading to) Can make other systems on your net vulnerable, too. Isolating the system physically helps, but phishers can still be a problem: <URL:http://www.csoonline.com/article/2943711/application-security/how-much-a-website-hack-really-costs.html> /dps -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
