[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: lilypond via web interface: security considerations
From: |
Mike Blackstock |
Subject: |
Re: lilypond via web interface: security considerations |
Date: |
Tue, 19 May 2009 13:08:28 -0400 |
Install Lilypond in its own chroot jail using Olivier Sessink's
jailkit available
at http://olivier.sessink.nl/jailkit/ A 'chroot jail' means putting Lilypond on
its own filesystem so that nefarious activity - such as deleting
arbitrary files -
will be limited to the Lilypond file system. Furthermore, you just limit
the number of utilities you put in the /bin directories; if you don't
have the 'rm'
command in there, then it can't be run, obviously.
This, and other measures, will give you a fairly secure system, if it's your
own server system and you have control over it. If it's a public system, I doubt
they'll let you do any of this, unless it's one of the VPS ('virtual
personal server')
systems out there. These will run you around $50 a month, and you get your
own root-accessible system that you can pretty much do what you want with.
The guy I'm gonna use for this tells me I can do pretty much anything, short
of recompiling the kernel ;)
Hope this helps - I did it myself last year so fire away if you have
any questions
after searching the archives.
Cheers,
Mike
> When you say that you know how to solve these issues - can you elaborate
> please? Do you mean in terms of the changes required to lilypond to
> enable a "locked down" mode, or something else?
> lex
>
>
>
>
> _______________________________________________
> lilypond-user mailing list
> address@hidden
> http://lists.gnu.org/mailman/listinfo/lilypond-user
>
- lilypond via web interface: security considerations, Alex, 2009/05/18
- Re: lilypond via web interface: security considerations, Joseph Haig, 2009/05/18
- Re: lilypond via web interface: security considerations, Graham Percival, 2009/05/18
- Re: lilypond via web interface: security considerations, Alex, 2009/05/18
- Re: lilypond via web interface: security considerations,
Mike Blackstock <=
- Re: lilypond via web interface: security considerations, Daniel Hulme, 2009/05/20
- Re: lilypond via web interface: security considerations, Alex, 2009/05/20
- Re: lilypond via web interface: security considerations, Graham Percival, 2009/05/20
- Re: lilypond via web interface: security considerations, Alex, 2009/05/21
- Re: lilypond via web interface: security considerations, Matthias Kilian, 2009/05/21
- Re: lilypond via web interface: security considerations, Alex, 2009/05/21
- Re: lilypond via web interface: security considerations, Han-Wen Nienhuys, 2009/05/21
- Re: lilypond via web interface: security considerations, Graham Percival, 2009/05/21
- Re: lilypond via web interface: security considerations, Alex, 2009/05/20
- Re: lilypond via web interface: security considerations, Mike Blackstock, 2009/05/21