Security Notes

MaximaPHP

Version: 0.1.0 March 26, 2007
-------------- --------------

Security Notes

MaximaPHP currently implements several security measures to prevent a user
from sending harmful commands to the server, whether by accident or on purpose.

These include:
- wrapping the Maxima program with 'maxima_with_timeout.pl', a Perl script that
launches Maxima under a controlled timeout limit.
- wrapping the TtM program with 'ttm_with_timeout.pl', a Perl script that
launches TtM under a controlled timeout limit.
- a filter-out input blocker that rejects any command considered insecure.
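The two wrapper scripts are the timeout measure. As an added example (Python, not the project's Perl scripts maxima_with_timeout.pl or ttm_with_timeout.pl), here is a wrapper of the same kind that also kills the child's whole process group on timeout and caps its CPU time and memory. The program it runs is a constructed stand-in that sleeps and then echoes its input, so the example runs without Maxima installed; the limit values are illustrative assumptions.

```python
"""Run a helper program under a wall-clock timeout and resource limits.

Added example; not MaximaPHP's maxima_with_timeout.pl / ttm_with_timeout.pl.
The stand-in program (a Python one-liner that sleeps, then echoes stdin) is
constructed so the example runs without Maxima; the limits are assumptions.
"""
import os
import resource
import signal
import subprocess
import sys


def cap_rlimit(which, value):
    """Lower one rlimit to `value` (never above the current hard limit)."""
    _soft, hard = resource.getrlimit(which)
    if hard != resource.RLIM_INFINITY:
        value = min(value, hard)
    resource.setrlimit(which, (value, value))


def run_with_timeout(argv, stdin_text, wall_seconds, cpu_seconds=None,
                     memory_bytes=None):
    """Run argv, feeding stdin_text on stdin; return (status, output).

    status is 'ok', 'error' (non-zero exit) or 'timeout'. The child starts
    in a new session, so on timeout its whole process group is killed: a
    Maxima that has spawned gnuplot for a plot leaves no orphan behind,
    which killing only the direct child would not guarantee. CPU-time and
    address-space limits are applied in the child just before exec, so a
    runaway computation is also stopped by the kernel.
    """
    def limit():
        if cpu_seconds is not None:
            cap_rlimit(resource.RLIMIT_CPU, cpu_seconds)
        if memory_bytes is not None:
            cap_rlimit(resource.RLIMIT_AS, memory_bytes)

    proc = subprocess.Popen(
        argv, stdin=subprocess.PIPE, stdout=subprocess.PIPE,
        stderr=subprocess.STDOUT, start_new_session=True, preexec_fn=limit)
    try:
        out, _ = proc.communicate(stdin_text.encode(), timeout=wall_seconds)
    except subprocess.TimeoutExpired:
        try:
            os.killpg(proc.pid, signal.SIGKILL)   # pid == pgid (new session)
        except ProcessLookupError:
            pass
        out, _ = proc.communicate()               # reap, keep partial output
        return "timeout", out.decode(errors="replace")
    status = "ok" if proc.returncode == 0 else "error"
    return status, out.decode(errors="replace")


def stand_in_argv(sleep_seconds, exit_code=0):
    """Constructed stand-in for Maxima: sleeps, echoes its input, exits."""
    code = ("import sys, time; time.sleep(%d); "
            "sys.stdout.write(sys.stdin.read()); sys.exit(%d)"
            % (sleep_seconds, exit_code))
    return [sys.executable, "-c", code]


if __name__ == "__main__":
    print(run_with_timeout(stand_in_argv(0), "integrate(x^2, x);\n", 5,
                           cpu_seconds=5, memory_bytes=256 * 1024 * 1024))
    print(run_with_timeout(stand_in_argv(30), "1+1;\n", 1))
```

Killing only the direct child is the usual gap in such wrappers: a timeout wrapper that sends SIGKILL to Maxima alone can leave the gnuplot it started still running. Starting the child in its own session and signalling the group closes that gap; the CPU and memory caps stop a single expression from pinning the machine before the wall-clock limit is reached.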

The filter-out mechanism checks the input against a blacklist of insecure
commands and rejects any input that matches. This does its job only if we can
guarantee that every insecure command is in the list, and that is a difficult
task: a dangerous command may simply be overlooked, or a harmless-looking
function may reach the shell or the file system indirectly, so some command
that is actually insecure may be missing from the list.

A class called MPSFilterOut is responsible for checking the input and blocking
any commands that are considered insecure.

The filter-out measures implemented are:
- blocking of insecure Maxima keywords
- blocking of insecure Maxima patterns
- blocking of insecure Gnuplot keywords
- blocking of insecure Gnuplot patterns

The keywords and patterns considered insecure were obtained by checking the
documentation of Maxima 5.11.0 and Gnuplot 4.2.0, so commands introduced in
later releases of either program are not covered.

NOTE: I cannot guarantee that all harmful keywords and patterns are blocked.
You may want to make sure for yourself that it is really secure by checking the
Maxima and Gnuplot documentation thoroughly.
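To make the keyword/pattern filter-out design concrete, and the caveat in the NOTE with it, here is an added illustration in Python. It is not MaximaPHP's MPSFilterOut class (which is PHP), and the project's real keyword and pattern lists are not reproduced on this page, so the sets below are a small assumed sample. The Maxima names it uses (system, load, eval_string, concat and the rest), the ':lisp' and '?' escapes, and the Gnuplot '!', "< cmd" and "| cmd" forms are real Maxima and Gnuplot syntax; which of them the project blocks is not stated here. It also shows the weakness the NOTE warns about: an input that builds a blocked name at run time passes the sample blocklist, while an allowlist of the functions a site actually needs, shown as an alternative, rejects it.

```python
"""Keyword/pattern blocklist for Maxima and Gnuplot input, and its limits.

Added example in Python; MaximaPHP's own filter is the PHP class
MPSFilterOut and its real lists are not on this page, so the sets below
are a small assumed sample. The Maxima names (system, load, eval_string,
concat, ...), the ':lisp' and '?' escapes, and the Gnuplot '!', "< cmd"
and "| cmd" forms are real Maxima/Gnuplot syntax; which of them the
project blocks is not stated here.
"""
import re

# Assumed sample blocklists (illustrative, not the project's lists).
BLOCKED_MAXIMA_KEYWORDS = {
    "system", "load", "loadfile", "batch", "batchload", "save", "stringout",
    "openw", "opena", "writefile", "appendfile", "printfile", "with_stdout",
}
BLOCKED_MAXIMA_PATTERNS = [
    re.compile(r"^\s*:lisp\b", re.MULTILINE),  # top-level escape to Lisp
    re.compile(r"\?"),                          # ?name refers to a Lisp symbol
]
BLOCKED_GNUPLOT_KEYWORDS = {"system", "shell", "load", "call", "cd", "save"}
BLOCKED_GNUPLOT_PATTERNS = [
    re.compile(r"^\s*!", re.MULTILINE),        # !cmd runs a shell command
    re.compile(r"""["']\s*<"""),                # "< cmd" reads from a pipe
    re.compile(r"""["']\s*\|"""),               # "| cmd" writes to a pipe
]

IDENT = re.compile(r"%?[A-Za-z_][A-Za-z0-9_]*")


def blocklist_check(text, keywords, patterns):
    """Reasons for rejecting text; an empty list means accepted.

    Keywords match whole identifiers, so a variable named 'loads' is not
    mistaken for the function 'load'; patterns are searched anywhere.
    """
    reasons = ["keyword " + t for t in IDENT.findall(text) if t in keywords]
    reasons += ["pattern " + p.pattern for p in patterns if p.search(text)]
    return reasons


def maxima_blocklist_check(text):
    return blocklist_check(text, BLOCKED_MAXIMA_KEYWORDS,
                           BLOCKED_MAXIMA_PATTERNS)


def gnuplot_blocklist_check(text):
    return blocklist_check(text, BLOCKED_GNUPLOT_KEYWORDS,
                           BLOCKED_GNUPLOT_PATTERNS)


# Why the blocklist is hard to complete: this input never contains the
# token 'system'. Maxima's eval_string parses and evaluates a string, and
# concat builds that string at run time, so the sample list above lets it
# through unless eval_string, parse_string, apply, ... are also listed,
# and that list has no natural end. Constructed sample for this example.
BYPASS_SAMPLE = 'eval_string(concat("sys", "tem(\\"echo hi\\")"));'

# Allowlist alternative (assumed policy for an example site): accept only
# the characters and function names the site actually needs, plus
# single-letter variables and the constants %pi, %e, %i. Strings, '?',
# ':lisp' and unknown functions are all rejected without being named.
ALLOWED_MAXIMA_CHARS = re.compile(r"^[A-Za-z0-9_%+\-*/^(),.;:=\[\]\s]*$")
ALLOWED_MAXIMA_NAMES = {
    "integrate", "diff", "solve", "expand", "factor", "limit", "sum",
    "sin", "cos", "tan", "exp", "log", "sqrt", "%pi", "%e", "%i",
}


def maxima_allowlist_check(text):
    """Reasons for rejecting text under the allowlist policy."""
    if not ALLOWED_MAXIMA_CHARS.match(text):
        return ["character outside allowed set"]
    return ["identifier " + t for t in IDENT.findall(text)
            if t not in ALLOWED_MAXIMA_NAMES and len(t) != 1]


if __name__ == "__main__":
    for sample in ["integrate(x^2, x);", 'system("id");', BYPASS_SAMPLE]:
        print(repr(sample))
        print("  blocklist:", maxima_blocklist_check(sample) or "accepted")
        print("  allowlist:", maxima_allowlist_check(sample) or "accepted")
```

The blocklist has to name every path to the shell and the file system, including the indirect ones (string evaluation, function application, the Lisp escapes), and has to be revisited for every new Maxima or Gnuplot release. The allowlist only has to name what the site offers, so anything unknown fails closed; the cost is that legitimate input outside that grammar is rejected too, which is the right default for a public-facing solver.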

Usage in production site

MaximaPHP currently has only a filter-out mechanism to block insecure commands;
the timeout wrappers limit how long a command may run, not what it may do.
Some insecure commands may not be in the blacklist, and this may be exploited
to break the server.

I do not recommend using the current release of MaximaPHP on a production site.

If you insist on using MaximaPHP on a production site, I recommend that you take
additional security measures on the server side, such as:


If you have any questions, please email
bowo prasetyo prazjp@gmail.com

Posted by Bowo Prasetyo 2007-03-26