New web newsreader - requesting participation

Stephan Soller stephan.soller at helionweb.de
Wed Feb 2 01:41:51 PST 2011


Quite some impressive stuff. Actually I'm somewhat blown away. Looks 
like I'm going to try GCI with D in the near future. :)

The compile & run functionality looks very solid. Sorry for assuming bad 
security. setrlimit, extra VM, internal and external firewalls… looks 
like it's as solid as it can get.

Happy programming
Stephan


On 31.01.2011 18:03, Adam Ruppe wrote:
> Stephan Soller wrote:
>> Cache invalidation
>> How do you handle this right now?
>
> I don't. My program assumes that once it has a message, it never
> needs to look to the server for it again.
>
> (This is probably because of my own experience with mailing lists -
> I use the mailing list interface to the newsgroup for reading. With
> them, once the email is sent, it isn't going to change. I just assumed
> the newsgroup worked the same way...)
>
>> D website
>>   I really like the layout.
>
> The credit for that goes to Christopher Bergqvist. See the thread
> "Suggestion: New D front page" in the main newsgroup. He posted
> a png outlining his idea and I just ran with it :)
>
>> The compile and run button is a bit of a security risk. I was able
>> to read the /etc/passwd file for example.
>
> Yeah, but that's normal on a multi user linux system. It doesn't
> really break anything.
>
> But, I moved the compile and run program to a separate VM to
> further limit it. If you read that entire filesystem, it doesn't
> really matter - it's an out of the box Slackware install. There's
> nothing sensitive or private on it at all.
>
> (Like its domain name says, it is completely expendable info!)
>
>> Denial of service attacks (e.g.
>> endless loops) might still be a problem though.
>
> I think this is solved with my use of setrlimit. If a process
> eats more than 5 seconds of CPU time, the operating system kills it.
>
> The limits are also set to 16 MB of RAM, 16 kb files, 3 forks,
> and a bunch of other things.
>
> (This might be interesting to test some programs - it will actually
> get out of memory exceptions pretty easily!)
>
> Write access is also limited to a single directory, in addition
> to that individual size limit. Filling up the disk shouldn't
> be possible.
>
> The operating system firewall prevents most network activity, incoming
> and outgoing. You can play with sockets, but only if they are working
> with localhost, and even then, they aren't allowed to access the
> ssh port.
>
> Running a spam bot off it is impossible.
>
>
> More than this, the VM is also limited. I set its memory and CPU
> limits to about 1/5 the resources of the physical server. So if
> you did manage to get root and max out your program, it won't
> have a significant impact on the other things running with it (all
> low traffic websites). An external firewall serves as layer 2 to
> protect against spambots.
>
>
> Finally, I did a VM snapshot after setting it up. I'm considering
> running a scheduled script on my computer to blank and reset that
> VM every night. Then, if you got root and worked around my other
> restrictions, it'd be a temporary victory anyway, just until I
> revert the snapshot again.
>
>
> All in all, I think I have a pretty safe setup. If I'm proven
> wrong, plan B is to use the ideone API instead.
>
>
>
>> If you only display mails in the announcements which do not have a
>> "References" header you will only get mails that started a new topic.
>> This will filter out replies.
>
> Yes, that's what I wanted. The idea is to show a feed of new things
> coming out, rather than new replies on old ideas. This way, the
> homepage shows the most variety.
>
>
>> Happy programming
>
> Thanks! If I have any questions, I'll be sure to ask. I've gotta
> get back to my real work soon though (stupid Monday) so finishing
> this will probably have to wait until next weekend.
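
The per-process limits quoted above (5 seconds of CPU, 16 MB of RAM, 16 kb files, 3 forks), applied with setrlimit in a forked child before the untrusted job runs. This is an added example, not code from the thread or from the site it describes; the use of RLIMIT_AS for the memory cap and the names run_limited, POST_LIMITS, job_spin and job_hog are assumptions.

```c
#include <signal.h>
#include <stdlib.h>
#include <sys/resource.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

struct limits { rlim_t cpu_sec, mem_bytes, file_bytes, nproc; };

/* Values quoted in the thread: 5 s CPU, 16 MB RAM, 16 KB files, 3 processes. */
static const struct limits POST_LIMITS = { 5, 16u << 20, 16u << 10, 3 };

/* Set soft == hard so the job cannot raise the limit again. */
static int cap(int resource, rlim_t v) {
    struct rlimit rl = { .rlim_cur = v, .rlim_max = v };
    return setrlimit(resource, &rl);
}

/* Runs job() in a child under lim. Returns the child's exit status (0..255),
 * the negated signal number if the kernel killed it, or -1000 on fork/wait
 * failure. Exit status 127 means a limit could not be applied. */
int run_limited(const struct limits *lim, int (*job)(void)) {
    pid_t pid = fork();
    if (pid < 0) return -1000;
    if (pid == 0) {
        /* Assumption: RLIMIT_AS (address space) stands in for "RAM".
         * RLIMIT_NPROC counts every process of the real user ID, not only
         * this job's children, so the job needs its own dedicated user. */
        if (cap(RLIMIT_CPU, lim->cpu_sec) || cap(RLIMIT_AS, lim->mem_bytes) ||
            cap(RLIMIT_FSIZE, lim->file_bytes) || cap(RLIMIT_NPROC, lim->nproc))
            _exit(127);
        _exit(job());
    }
    int st;
    if (waitpid(pid, &st, 0) < 0) return -1000;
    return WIFSIGNALED(st) ? -WTERMSIG(st) : WEXITSTATUS(st);
}

/* Constructed jobs standing in for submitted programs. */
int job_spin(void) { for (volatile unsigned long i = 0;; i++) { } return 0; }
int job_hog(void)  { void *volatile p = malloc(64u << 20); return p ? 0 : 42; }

int main(void) {
    /* SIGXCPU is sent at the soft CPU limit, SIGKILL at the hard one. */
    int spin = run_limited(&POST_LIMITS, job_spin);
    int hog  = run_limited(&POST_LIMITS, job_hog);
    return !((spin == -SIGKILL || spin == -SIGXCPU) && hog == 42);
}
```

The limits are applied in the child after fork, so the parent that supervises the job keeps its own limits and can still report the result.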


More information about the Digitalmars-d-announce mailing list