I see. Interesting problem. I'm not sure there's an easy solution. Of
course, if you don't trust the people working on the views, OS calls are
not the only way they can implement an attack. Even with a more restricted
template system, they could probably leak sensitive app data in hidden
divs, etc. So, either way, you probably want to check their work -- maybe
run a diff on the templates after they make their changes and examine the
changes for malicious code. You could search specifically for any import
statements, which might be a red flag.
Anthony
On Wednesday, July 25, 2012 11:44:45 PM UTC-4, Babak wrote:
>
> I've had clients request that some independent design firm come in and
> beautify there website. They request access to the views sometimes to
> re-arrange things.
>
>
>
> On Wednesday, July 25, 2012 3:45:06 PM UTC-7, Anthony wrote:
>>
>> Of course *I* like Python code. But what about giving access to the
>>> templates/views where we do not want to grant access to the internals of
>>> the server via system calls. ie,
>>>
>>> {{
>>> import os
>>> os.popen('...')
>>> }}
>>>
>>> Can this be safer?
>>>
>>
>> The templates are run on the server side -- if someone has access to
>> them, they also have access to controllers and the rest of the server. What
>> problem do you anticipate?
>>
>> Anthony
>>
>
--
