|
|
Posted by NC on 01/19/06 00:24
a wrote:
>
> The php script that processes user input from a form, starts a new process
> using exec. In my case, the process may contain arbitrary, user defined
> functionality. How do I ensure that that process doesn't do any harm? Is
> there a way to define a sort of sandbox that the process can run in, so it
> won't be able to access any unauthorized resources, or do some other
> damage to the server?
If your process contains arbitrary user-defined functionality, there's
nothing you can do to define a sandbox for it. Arbitrary user-defined
functionality may include switching to the superuser mode (e.g., su on
Unix), which renders any sandbox meaningless.
Cheers,
NC
[Back to original message]
|