[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: WikiLily - a lilipond wiki
|
From: |
Mike Blackstock |
|
Subject: |
Re: WikiLily - a lilipond wiki |
|
Date: |
Wed, 30 Jul 2008 10:26:27 -0400 |
|
User-agent: |
Mozilla Thunderbird 1.0.7-1.4.1.centos4 (X11/20051007) |
Graham Percival wrote:
I hope that you're using safe mode and/or jails, otherwise any
user can execute any command on your system as the wiki user.
Including rm ~ -rf, which would probably hose all previous
contributions to the wiki.
Hi Graham.
The wikitex extension communicates with lilypond via a 'modtex' daemon,
which
runs lilypond in a chroot environment. I'm not sure if that meets your
criteria for
a 'jail' but there you have it. It's a bit of a moot point for now,
cause I'm using the
modtex daemon on another, proven installation.
As for security breaches generally, I had a baptism by fire (see
http://news.cnet.com/Amnesty-International-hacked/2100-1023-279275.html)
so I
keep my ear to the ground for that sort of thing. Unless you've heard
something
different, the wikitex-l archives, dating back to 2005, make no mention of
security breaches with the system.
thanks and cheers,
Mike