Re: "Safe Mode" processing for XSLT from Norman Walsh on 2015-06-02 (xproc-dev@w3.org from June 2015)

From: Norman Walsh <ndw@nwalsh.com>
Date: Tue, 02 Jun 2015 15:31:47 +0100
To: XProc Dev <xproc-dev@w3.org>
Message-ID: <87a8wiuqp8.fsf@nwalsh.com>

Florent Georges <fgeorges@fgeorges.org> writes:
> Waw, interesting!  Do you have more details about what it does, exactly?

Uhm. It forbids all of the fileutils steps, it does seem to attempt to
forbid access to file: URIs, it rejects attempts to instantiate
extension steps (rather crudely), and forbids access to
p;directory-list, p:exec, and p:store.

That's probably not really enough, but...

                                        Be seeing you,
                                          norm

-- 
Norman Walsh
Lead Engineer
MarkLogic Corporation
Phone: +1 512 761 6676
www.marklogic.com

Received on Tuesday, 2 June 2015 14:32:15 UTC