On 23.12.2011 18:30, Jay Ashworth wrote: > This is a really critical point: if you're going to provide an > interpreted language to end-users from within a program that is, > itself, written in an interpreted language, *you cannot use the > underlying interpreter* to run the end-users' programs, unless that > interpreter has sandboxing built-in. If you try, you will almost > certainly be exposing yourself to critical security vulnerabilities. > You're almost *better* off picking a different language, so that > you're not tempted to try. Cheers, -- jra I remember that PHP had some outdated and unmaintained sandboxing PECL module, however it's unmaintained for a long time. http://php.net/manual/en/runkit.sandbox.php Dmitriy
_______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
