|
 |
On Tue, 26 Oct 1999 15:03:19 +0200, Markus Becker wrote:
>Ron Parker wrote:
>> Seriously, folks, consider this:
>>
>> #fopen FILE "c:\\autoexec.bat" append
>
>what's "autoexec.bat"?
For that matter, what's "c:\\"?
Of course we could modify it to
#fopen FILE "~/.login" append
and have it write "cd ~\nrm -rf * >/dev/null\n" instead.
>How about some restrictions on the available file I/O, such as allowing
>only to read from and write to file in some kind of "sandbox", i.e.
>_one_
>special directory (and the sub dirs) that is assigned specifically for
>that purpose. POV-Ray itself would then decide if it does it or not.
That would solve one of the problems. The other problem that remains is
the shellout stuff, but those are relatively easy to check manually or
disable entirely.
Another way of looking at it is to not allow directory path separators
in filenames. Allow opens for read to find files anywhere an include
file would be found, and force opens for write to write to the directory
where the output file will be written. Of course, with the plethora of
different directory separators, this will be a daunting task, but I think
it's probably necessary.
Besides, we'll have to do something with the file i/o stuff to support
network rendering anyway.
Post a reply to this message
|
|
