[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Octave Server
From: |
Paul Kienzle |
Subject: |
Re: Octave Server |
Date: |
Fri, 16 Jul 2004 22:07:42 -0400 |
On Jul 16, 2004, at 10:49 PM, Tom Weichmann wrote:
Hello,
Those of you that have been around here for a while might remember in
2000 I
did some research for the State University College at Buffalo during
which I
developed a CGI-PERL interface to octave. I have this code still and
have
been meaning to do something with it, but have not been able to find
the
time. Does anyone out there have some web space and would like to
have this
code to release to the public?
I guess that there are two parts:
1. The PERL program which runs Octave.
~25kB
There is also octave-forge/extra/perl. I have no idea if the
functionality
overlaps with your cgi-perl stuff.
2. A complete environment to run the server in.
For security reasons this is best run in a chroot environment, I have
a copy
of the complete environment that I was using during my testing. All
of the
binaries are static and will run on any system.
It would be easy to write a DLD-function which
strips builtins from the interpreter, including
file access and all the OS functions.
Going to the next level and checking the entire
code base for possible buffer overflows is not
something I want to contemplate.
And DOS attacks are trivial:
send rand(1000)*rand(1000);
Paul Kienzle
address@hidden
-------------------------------------------------------------
Octave is freely available under the terms of the GNU GPL.
Octave's home on the web: http://www.octave.org
How to fund new projects: http://www.octave.org/funding.html
Subscription information: http://www.octave.org/archive.html
-------------------------------------------------------------
- Octave Server, Tom Weichmann, 2004/07/16
- Re: Octave Server,
Paul Kienzle <=