Online programming playground
Jonathan Marler
johnnymarler at gmail.com
Sat Sep 21 04:49:21 UTC 2019
On Friday, 20 September 2019 at 17:52:26 UTC, Vishal Rana wrote:
> Folks,
>
> I wanted to shared https://code.labstack.com/d, an online D
> programming playground. I hope you will find it useful.
>
> Thanks.
You may want to look into making the linux process that runs the
executable on your server more secure. I played around with it
and was able to list alot of system files. I could also make
outgoing network requests using the socket API. I could cat
/etc/passwd and see all the users. Not sure what you've done to
secure it so far but the allowing the process to have network
access is definitely not something you want. You're opening that
machine up to be used as a proxy for network attacks by malicious
users.
More information about the Digitalmars-d
mailing list