On Wed, Sep 23, 2009 at 8:50 AM, Philipp Meier <phme...@gmail.com> wrote:
> On 23 Sep., 03:26, John Harrop <jharrop...@gmail.com> wrote:
> > But, this looks like a gaping security hole. You're taking an HTTP POST
> > request body and eval'ing it. Someone will, sooner or later, try typing
> > "(delete all the secret files)" into the web form and clicking Send. Or
> > worse, something that will actually delete something or grant privilege.
> > Sending "(doall (iterate inc 1))" will crash the server with OOME after a
> > lengthy 100%-cpu-use hang while it fills memory with consecutive Integer
> > objects, for a cheap and easy DoS attack. And so forth.
>
> Remember that clojure runs in the JVM and a JVM can have a
> SecurityManager which can be configured to allow or deny at most any
> dangerous operation. A java policy file will do the trick, I think.

That plausibly helps against malicious I/O and changing the JVM settings (System.setProperty() etc.) but I don't see it doing much about a simple memory-and/or-CPU-exhaustion loop.