[fpc-pascal] Remote FreePascal compile service, feedback requested

Jonas Maebe jonas.maebe at elis.ugent.be
Mon Dec 5 14:02:58 CET 2005


On 5 dec 2005, at 13:59, Michael Van Canneyt wrote:

> Don't make all distributed units available, and forbid the use of some
> units. You don't want people opening an FTP socket and download 24G on
> your machine.
>
> Even then, people could create a unit that makes direct kernel  
> calls, or
> link to C. I would disallow use of the external keyword, {$L} and  
> {$Linklib }
> statements in sources. So you'll definitely need some preprocessing.

He only wants to allow remote compiling, not remote running. He  
wonders whether the compiler contains security holes that could be  
triggered by feeding it illegal source code. The answer is that it is  
that the compiler still contains errors which can cause it to crash  
in some situations, so it may be possible for specially grafted  
source code to make the compiler do all sorts of naughty things. I  
have not yet seen any examples of this, however.


Jonas



More information about the fpc-pascal mailing list