Re: "Safe Mode" processing for XSLT

The risk that I see is from allowing the XSLT to read arbitrary files from
the file system - though subject to file system security, of course.


<xsl:stylesheet version="2.0" xmlns:xsl="">
    <xsl:template match="/">

On 3 June 2015 at 15:41, Imsieke, Gerrit, le-tex <>

> Conal,
> Just want to throw in my two cents. I think p:xslt in itself is
> harmless, particularly if you didn’t install any extension functions
> with direct OS access. Even if the stylesheet uses xsl:result-document,
> it won’t write stuff to disk by itself. These documents appear on the
> secondary port and are typically handled by p:store if they need to be
> stored to disk. So if your users are only able to upload their own XSLT
> and if you don’t use their outputs as inputs for p:store or for the
> options of EXProc file system steps such as p:delete, then you should be
> safe. Apart from bad code that might cause stack overflows or excessive
> computing times. Or am I missing something?
> --
> Gerrit Imsieke
> Geschäftsführer / Managing Director
> le-tex publishing services GmbH
> Weissenfelser Str. 84, 04229 Leipzig, Germany
> Phone +49 341 355356 110, Fax +49 341 355356 510
> Registergericht / Commercial Register: Amtsgericht Leipzig
> Registernummer / Registration Number: HRB 24930
> Geschäftsführer: Gerrit Imsieke, Svea Jelonek,
> Thomas Schmidt, Dr. Reinhard Vöckler

Received on Wednesday, 3 June 2015 06:07:44 UTC