Rashad M wrote:

> > My main concern would be security.
> >
> > You will need to thoroughly sanitise all inputs. You cannot rely upon
> > GRASS modules to do this, as e.g. most string handling uses fixed-size
> > buffers, so you need to explicitly limit the length of any arguments
> > to avoid the possibility of buffer overruns.
> 
> I am not clear on this. Maybe security and web apps are causing me
> confusion.

If you do not understand the principles of secure programming, you
shouldn't attempt to write a web interface to GRASS.

GRASS modules typically do not attempt to be secure against invalid
input. If you're providing access to "untrusted" users (users who
aren't supposed to have the full privileges of the account under which
the modules are executed), you will need to prevent invalid input from
reaching the modules.

-- 
Glynn Clements <gl...@gclements.plus.com>
_______________________________________________
grass-dev mailing list
grass-dev@lists.osgeo.org
http://lists.osgeo.org/mailman/listinfo/grass-dev
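
An added example, not part of the original message and not GRASS code: one way a web front end could stop invalid input from reaching the modules, by checking every argument against an allowlist and an explicit length limit before building the command line. The exposed modules, the 64-character limit, the name pattern and the `build_argv` helper are assumptions chosen for illustration.

```python
import re

# Assumed policy for this example: the only modules and parameters the web
# front end exposes. Each parameter gets a maximum length and a pattern.
# The pattern is a conservative choice for this example, not GRASS's own rule.
MAP_NAME = re.compile(r"[A-Za-z][A-Za-z0-9_]*(@[A-Za-z][A-Za-z0-9_]*)?")
ALLOWED = {
    "r.info":   {"map": (64, MAP_NAME)},
    "r.univar": {"map": (64, MAP_NAME)},
}


class RejectedInput(ValueError):
    """Raised when a request must not reach a GRASS module."""


def build_argv(module, params):
    """Return an argv list suitable for subprocess.run(argv) (no shell),
    or raise RejectedInput if anything falls outside the policy."""
    spec = ALLOWED.get(module)
    if spec is None:
        raise RejectedInput("module not exposed")
    argv = [module]
    for key, value in sorted(params.items()):
        if key not in spec:
            raise RejectedInput("unknown parameter")
        max_len, pattern = spec[key]
        if not isinstance(value, str):
            raise RejectedInput("%s: not a string" % key)
        # Explicit length limit, checked before anything else looks at the value.
        if len(value) > max_len:
            raise RejectedInput("%s: longer than %d characters" % (key, max_len))
        # fullmatch: the whole value must match, so a trailing newline,
        # NUL byte, space or shell metacharacter is rejected.
        if pattern.fullmatch(value) is None:
            raise RejectedInput("%s: disallowed characters" % key)
        argv.append("%s=%s" % (key, value))
    missing = sorted(set(spec) - set(params))
    if missing:
        raise RejectedInput("missing parameter: %s" % missing[0])
    return argv
```

Passing the returned list to `subprocess.run` without `shell=True` keeps each validated value as a single argument, so the module sees exactly what was checked.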
