|
 |
"Warp" <war### [at] tag povrayorg> wrote:
> Philippe Lhoste <Phi### [at] gmxnet> wrote:
> > I just had a silly idea:
>
> I don't know about silliness, but at least it's old. There have been
many
> implementations of this.
I wasn't especting to be the first one to have this idea :-). I just didn't
meet such a site.
> The problem: Security.
I am aware that running a script language on a Web server has security
issues.
The first problems coming to the mind are infinite loops and huge memory
comsumption (big arrays). I believe Unix can set CPU and memory quotas on
processes. Or one can hack the engine to stop when a thresold is reached,
since it seems to track memory usage and CPU time.
Next obvious problem is file IO (trying to read or overwrite system files).
Unix already has a good protection for this, but to be on the safe side,
these functions can be desactivated (already possible, at least on the
Windows version). It would hinder only a small fraction of scenes. Or they
can be more secure by removing the paths they can containt, and force them
on predefined directories.
Same for some file accessing instructions, like heigh_field, image_map, ttf,
etc.
Now, I probably overlook some other issues. And the idea was theoritical, I
don't intend to make such a server :-)
Regards.
-- #=--=#=--=#=--=#=--=#=--=#=--=#=--=#=--=# --
Philippe Lhoste (Paris -- France)
Professional programmer and amateur artist
http://jove.prohosting.com/~philho/
Post a reply to this message
|
|
