POV-Ray: Newsgroups: povray.general: Command-line option to turn off #macro or #fopen or #write?: Command-line option to turn off #macro or #fopen or #write?

POV-Ray : Newsgroups : povray.general : Command-line option to turn off #macro or #fopen or #write? : Command-line option to turn off #macro or #fopen or #write?		Server Time 28 Jul 2024 22:20:49 EDT (-0400)

From: Space Dude
Date: 13 Nov 2000 18:50:56
Message: <3A107E60.BE067E87@rap.ucar.edu>

Hello There.

I have an online povray rendering farm and I happened to be the victim
of a "hack" attempt already with it.  The user was quite intelligent and
used povray macros to edit my .login an .cshrc files on my machine. 
<pout>  It actually worked and started to delete stuff, but thankfully I
caught it in time and saved everything.  So, kudos to whomever wrote it,
but in the future, I'd like to stop those types of attacks if possible.

Anyway, I'd like to bring the farm back online, but in order to do so, I
need to know if it's possible to remove the ability to do #fopen's and
#write's via the command line or something like that.  I don't want to
disable #macros because they're a powerful part of the povray 3.1
language, but I do want to make the renderer a little more secure.

Does anyone know?  I'm using povray 3.1g.

- Steve

--
EMAIL: (h) ste### [at] badcheesecom  WEB: http://badcheese.com/~steve
       (w) swe### [at] rapucaredu
           ste### [at] mailcom

Post a reply to this message