On 2023-06-28 23:27:22, Dima Pasechnik wrote: > One can always start a web server on localhost, instead of using file:/// :P >
I know you're mostly joking, but that's not as easy as it sounds. To start the local web server as a non-root user, you have to run it on an unprivileged (i.e. not the default of 80) port. Then you have to teach it about mime types and gzip, and probably add a line or two about image/svg+xml and the svgz extension. Then you have to secure it somehow. Other local users can hit that TCP port, and it will be running with your desktop user's privileges, so it can see all of your files. Your server might support path restrictions, but does it protect against the past 30 years' worth of path traversal hacks and stupid symlink tricks? Maybe if you're using apache or nginx, but if you're using "python -m http.server", I wouldn't count on it. -- You received this message because you are subscribed to the Google Groups "sage-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to sage-devel+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/sage-devel/ZJzrXxtT1lnmuywr%40stitch.
