On 5 dec 2005, at 13:59, Michael Van Canneyt wrote:
Don't make all distributed units available, and forbid the use of some
units. You don't want people opening an FTP socket and download 24G on
your machine.
Even then, people could create a unit that makes direct kernel
calls, or
link to C. I would disallow use of the external keyword, {$L} and
{$Linklib }
statements in sources. So you'll definitely need some preprocessing.
He only wants to allow remote compiling, not remote running. He
wonders whether the compiler contains security holes that could be
triggered by feeding it illegal source code. The answer is that it is
that the compiler still contains errors which can cause it to crash
in some situations, so it may be possible for specially grafted
source code to make the compiler do all sorts of naughty things. I
have not yet seen any examples of this, however.
Jonas
_______________________________________________
fpc-pascal maillist - fpc-pascal@lists.freepascal.org
http://lists.freepascal.org/mailman/listinfo/fpc-pascal
