On Mon, 5 Dec 2005, L505 wrote:
> > > > > Don't make all distributed units available, and forbid the use of some > > > units. You don't want people opening an FTP socket and download 24G on > > > your machine. > > > > > > Even then, people could create a unit that makes direct kernel > > > calls, or > > > link to C. I would disallow use of the external keyword, {$L} and > > > {$Linklib } > > > statements in sources. So you'll definitely need some preprocessing. > > > > He only wants to allow remote compiling, not remote running. He > > wonders whether the compiler contains security holes that could be > > triggered by feeding it illegal source code. The answer is that it is > > that the compiler still contains errors which can cause it to crash > > in some situations, so it may be possible for specially grafted > > source code to make the compiler do all sorts of naughty things. I > > have not yet seen any examples of this, however. > > > > - Macros, never ending loops... > > - Huge source files (copy and paste 6,000,000 lines into the edit box). The compiler should compile that in minutes on any recent machine :-) And you can limit the edit box length. Standard web practice, I'd say ? One could of course forge a web request. Michael. _______________________________________________ fpc-pascal maillist - fpc-pascal@lists.freepascal.org http://lists.freepascal.org/mailman/listinfo/fpc-pascal