NON-DELIVERY of: NON-DELIVERY of: Re: HTTP problem or Mosaic problem?
VKumar@MAIL.ZD.ziff.com (VKumar)
Errors-To: listmaster@www0.cern.ch
Date: Wed, 15 Jun 1994 22:57:19 +0200
Errors-To: listmaster@www0.cern.ch
Message-id: <01HDKTOWKM3M000G55@zcias1.ziff.com>
Errors-To: listmaster@www0.cern.ch
Reply-To: VKumar@MAIL.ZD.ziff.com
Originator: www-talk@info.cern.ch
Sender: www-talk@www0.cern.ch
Precedence: bulk
From: VKumar@MAIL.ZD.ziff.com (VKumar)
To: Multiple recipients of list <www-talk@www0.cern.ch>
Subject: NON-DELIVERY of: NON-DELIVERY of: Re: HTTP problem or Mosaic problem?
X-Listprocessor-Version: 6.0c -- ListProcessor by Anastasios Kotsikonas
Intended recpient(s): Steve Browne @ ZD Europe
Failure reason: Error transferring to NAPOLEON mail.box; Database is corrupt -- Cannot allocate space
O-CMS-ErrorsTo: listmas @ INTERNET (listmaster) {listmaster@www0.cern.ch}
Intended recpient(s): Steve Browne @ ZD Europe
Failure reason: Error transferring to NAPOLEON mail.box; Database is corrupt
-- Cannot allocate space
O-CMS-ErrorsTo: listmas @ INTERNET (listmaster) {listmaster@www0.cern.ch}
This is how vsafecsh works:
1. It maintains a table of trusted and un-trusted binaries.
2. Whenever a set of programs come from a server, Mosaic looks
up the mime-type application/x-csh and fires up vsafecsh.
3. vsafecsh then parses each command-set to see if the command-set
is trusted. If yes, then it parses the components of the command-set
to look for un-trusted commands.
e.g. if "xterm" is trusted, and "rm" if untrusted, then a command-set like
"xterm -e rm" will not be executed. Fair enough ?
4. If step 3 goes failsafe, then it does a fork and exec.
5. If step 3 fails, then NOOP.
Now it should be easy to replace the mime-type application/x-csh with
application/x-mumbo, and ask the server to spit the same, and use the same
vsafecsh to do the fork and exec of multiple scripts. [or maybe i should
change the name to vsafemumbo....]
vsafecsh is still being tested, so if something doesn't work, or some
features
you don't like, please feel free to report it to me directly.
Regards
--
Vinay Kumar
vinay@eit.com