Menu
▾
▴
Re: disabling 'insecure' parts of gnuplot file
|
From: Arun P. <ape...@lb...> - 2004-08-31 22:48:43
|
Ethan Merritt wrote: > On Tuesday 31 August 2004 12:47 pm, Edward Peschko wrote: >>>[disabled pipes] >>not really true, IMO. In mediawiki we'd probably want to limit plotting to inline, >>which I asked about the other time. IE: it would be up to the user to use programs >>to create data, etc. which would then be uploaded to mediawiki. > > ??? > What do you mean by "in line"? I guess something like plot "-" followed by the data... >>>[wrapper script issues] > I don't think you would. The wrapper script itself could save the > output graph back to the user's own area. Its flow would look like: > stdin = open input > stdout = open output > drop privileges > mkdir /tmp_<process_id> > chroot /tmp_<process_id> gnuplot this and a having the wiki (per php or similar) check the gnuplot input file for "!" "set output","print" and other commands which could be harmfull and not needed for just simple ploting etc. might be a good way to do it then... perhaps you even want to be very restrictive anyway to get the same look for most of the graphs in the wiki and so the user would only need to supply the data and the plotstyle and then you would give gnuplot most of the input (e.g. use of grid yes/no, set terminal, etc) and your plot command would always look like: plot "-" $userplotstyle $data in that case you just have to scan those two variables for dangerous items or just allow for example numbers in $data and certain words in $userplotstyle just my two cents ARUN |
