[Date Index] [Thread Index] [Author Index]

Re: Re: Security considerations in Mathematica&J/Link

• To: mathgroup at smc.vnet.net
• Subject: [mg25164] Re: [mg25131] Re: Security considerations in Mathematica&J/Link
• From: "Tom Compton" <comptont at concentric.net>
• Date: Tue, 12 Sep 2000 02:58:50 -0400 (EDT)
• Organization: Concentric Internet Services
• References: <8phceh$gag@smc.vnet.net>
• Sender: owner-wri-mathgroup at wolfram.com

There are several things one can do:

1.  One can filter the cgi input from the browser so as to
eliminate many of the commands that could cause harm.  One can
do this with Mathematica or with a script.
2.  One can eliminate functions from Mathematica that could
cause problems.
3.  One can keep Mathematica from writing any files
4.  One can run Mathematica in a chroot structure with no
other programs available.
5.  One can limit the amount of disk space that can be written
on the server.
6.  One can limit the time that a process has for execution.

The above won't stop all possibilities, but can be workable.

Tom Compton
www.HostSRV.com



Murphy <werner.schuster at netway.at> wrote in message
news:8phceh$gag at smc.vnet.net...
> At 03:14 10.09.00 -0400, you wrote:
> >Surely someone has thought a little about it; otherwise
> >you could try breaking into WRI's integrator program. For
example,
> >
> >Integrate [  ShellCommand["rm *"], x]
> >
> >
> >In a "purely functional" subset of Mathematica you could do
> >no input or output, you could not assign any values.  Then
if
> >you limit the amount of time and space consumed you are on
the
> >right track.  I suggest you remove ALL functionality not
needed
> >by clearing function definitions of irrelevant commands.
> >
> >But you seem to be interested in making a browser out of
> >Mathematica... why care if he wrecks his own machine?
> >RJF
>
> it's the other way around, I try to turn the Browser into  a
Mathematica
> FrontEnd;
> so you can access notebooks over the web
(Internet/Intranet);
> this could eg. be used for Training; instead of setting up
mathematica on every
> single computer in a classroom, you put it on one computer
(the server) and
> the students
> can access the prepared notebooks using their browser and
work with them
> just like
> with the real FrontEnd;
>
> or say you wrote some mathematica package that you want to
sell; you could put
> this notebook on your webserver (+ the software that
connects mathematica
> to the web)
> and allow users to test your package (like a demoversion);
>
>
> but that are just possible ideas, at the moment its not more
than a little
> non-serious experiment
> (just to make sure I wont have 50 laywers standing at my
door tomorrow
> trying to sue
> me for license abuse ;-)  )
>
> murphee
>
>