I've been using PostgreSQL a little bit lately, and one of the things that I think is cool is that you can use languages other than SQL for scripting functions and whatnot. But when is this actually useful? For example, the documentation says that the main use for PL/Perl is that it's pretty good at text manipulation. But isn't that m...
MediaWiki allows one to embed TeX math code that is rendered into images and posted into the Wiki pages. Is this safe? If one allows untrusted users to input TeX programs to be executed by an interpreter running in a web server, does it open the server up to being hacked by using the TeX interpreter to read files from the server's disk...
I want to authenticate my web service in Spring with an Active Directory lookup at both the producer and the consumer - under the Principal that that each are executing under (ie Service Accounts). I'm assuming I have to use JaasPlainTextPasswordValidationCallbackHandler and JaasCertificateValidationCallbackHandler and set up my ...
I want to use node.js (or other SSJS solution), running my own code + external written code inside (untrusted). Any way to seperate and protect my own code? Could I limit the modules and system effect of th untrusted code (limit access to files, non HTTP ports, etc.)? ...
Hi, everyone. Let's say there is a server on the internet that one can send a piece of code to for evaluation. At some point server takes all code that has been submitted, and starts running and evaluating it. However, at some point it will definitely bump into "os.system('rm -rf *')" sent by some evil programmer. Apart from "rm -rf" yo...