[Haskell-cafe] ghci in gallery

Duncan Rowland drowland at lincoln.ac.uk
Thu Feb 13 08:29:31 UTC 2014

Dear All,

   new to haskell, so this might be obvious, but...

   I'm setting up a gallery installation (OSX) that exposes a command
line haskell to the visitors.
   The process is run with user 'nobody', so hopefully that will be a
bit safer, i.e.

cat visitor_commands_pipe | sudo -u nobody ghci -XOverloadedStrings

   But how question are:
      1) what sort of damage could a malicious user do to my system by
entering commands into the pipe?
      2) what should I do to protect my system? I can filter the user
commands as I like, but I do not want to run 'in a webpage'.

   Thanks in advance,

More information about the Haskell-Cafe mailing list