Beefy Boxes and Bandwidth Generously Provided by pair Networks
Syntactic Confectionery Delight
 
PerlMonks  

RE:(3) Challenges

by Russ (Deacon)
on Jun 29, 2000 at 10:25 UTC ( [id://20331]=note: print w/replies, xml ) Need Help??


in reply to RE: RE: Challenges
in thread Challenges

Well, how much do you trust taint mode? Knowing that anyone could upload any code and execute it... <nobr>system('rm -fr /')</nobr> would probably not make it past Taint (and nobody lacks permissions to do this, anyway), but I wouldn't sleep well at night...

How about Denial of Service? 

while (1) {
  $Str .= 'A few more bytes consumed';
}

[download]
I wouldn't want to allow arbitrary code on any of my servers...

Now, recent experience has shown me that there are a large number of monks willing and eager to benchmark code and post the results. I think a section like the one you describe would be quite popular.

Russ

Replies are listed 'Best First'.
RE: RE:(3) Challenges
by Aighearach (Initiate) on Jun 29, 2000 at 11:04 UTC

    >Well, how much do you trust taint mode?
    Like I said, you could run it inside a wrapper. No need at all to trust taint mode.

    >How about Denial of Service?
    How about it? That's a threat always. And, you just put a limit on how many times each user can submit code for benchmarking.

    Also, you could make it so that anybody under level 4 or 5 would have to have the code approved by somebody higher, before the benchmarking ran.

    Security is a concern, but isn't it more of a hurdle than a road block? 

    Paris Sinclair    |    4a75737420416e6f74686572
pariss@efn.org    |    205065726c204861636b6572
I wear my Geek Code on my finger.
[reply]

In Section Perl Monks Discussion

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://20331]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others rifling through the Monastery: (1)
As of 2024-04-24 23:58 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found