Graham Percival wrote:
I hope that you're using safe mode and/or jails, otherwise any
user can execute any command on your system as the wiki user.
Including rm ~ -rf, which would probably hose all previous
contributions to the wiki.
Hi Graham.
The wikitex extension communicates with lilypond via a 'modtex' daemon,
which
runs lilypond in a chroot environment. I'm not sure if that meets your
criteria for
a 'jail' but there you have it. It's a bit of a moot point for now,
cause I'm using the
modtex daemon on another, proven installation.
As for security breaches generally, I had a baptism by fire (see
http://news.cnet.com/Amnesty-International-hacked/2100-1023-279275.html)
so I
keep my ear to the ground for that sort of thing. Unless you've heard
something
different, the wikitex-l archives, dating back to 2005, make no mention of
security breaches with the system.
thanks and cheers,
Mike
_______________________________________________
lilypond-user mailing list
lilypond-user@gnu.org
http://lists.gnu.org/mailman/listinfo/lilypond-user
