[fpc-pascal] Remote FreePascal compile service, feedback requested
Jonas Maebe
jonas.maebe at elis.ugent.be
Mon Dec 5 14:02:58 CET 2005
On 5 dec 2005, at 13:59, Michael Van Canneyt wrote:
> Don't make all distributed units available, and forbid the use of some
> units. You don't want people opening an FTP socket and download 24G on
> your machine.
>
> Even then, people could create a unit that makes direct kernel
> calls, or
> link to C. I would disallow use of the external keyword, {$L} and
> {$Linklib }
> statements in sources. So you'll definitely need some preprocessing.
He only wants to allow remote compiling, not remote running. He
wonders whether the compiler contains security holes that could be
triggered by feeding it illegal source code. The answer is that it is
that the compiler still contains errors which can cause it to crash
in some situations, so it may be possible for specially grafted
source code to make the compiler do all sorts of naughty things. I
have not yet seen any examples of this, however.
Jonas
More information about the fpc-pascal
mailing list