|
![](/i/fill.gif) |
In article <3A107E60.BE067E87@rap.ucar.edu>, Space Dude
<swe### [at] rap ucar edu> wrote:
> I have an online povray rendering farm and I happened to be the victim
> of a "hack" attempt already with it. The user was quite intelligent and
> used povray macros to edit my .login an .cshrc files on my machine.
Ouch. I would have liked to think the POV community was above this sort
of thing...recent posts show otherwise, though. :-(
> Anyway, I'd like to bring the farm back online, but in order to do so, I
> need to know if it's possible to remove the ability to do #fopen's and
> #write's via the command line or something like that. I don't want to
> disable #macros because they're a powerful part of the povray 3.1
> language, but I do want to make the renderer a little more secure.
I notice you are on Linux...can't you just restrict access to those
files?
I think you would only need to disable #write, but you can't do it by
the command line or .ini file in 3.1g or current MegaPOV. It would be
very easy to cripple it's functionality by modifying the source, making
a version that has this as an option would be a bit more difficult.
--
Christopher James Huff
Personal: chr### [at] mac com, http://homepage.mac.com/chrishuff/
TAG: chr### [at] tag povray org, http://tag.povray.org/
<><
Post a reply to this message
|
![](/i/fill.gif) |