[–] alfiedotwtf 11y ago ↗ I would take this offline right away: system("ls -l /"); [–] thejew 11y ago ↗ You can safely use that as the Ruby is run in a limited contained env. Feel free to run `rm -rf` too [–] alfiedotwtf 11y ago ↗ I don't think you're going to be happy when somebody uses you to launch a DDOS: system("ping -c 2 8.8.8.8"); PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data. 64 bytes from 8.8.8.8: icmp_req=1 ttl=55 time=1.98 ms 64 bytes from 8.8.8.8: icmp_req=2 ttl=55 time=1.75 ms [–] vidarh 11y ago ↗ Unless he's running this in an incredibly powerful machine on an incredible well connected network, nobody will be DOS'ing anyone worse from that machine than they could do by spinning up a single VM somewhere. [–] alfiedotwtf 11y ago ↗ When it comes to netsec, any hole's a goal.And as rikkus pointed out, there's no timeout on runs too. This is just asking for trouble. [–] thejew 11y ago ↗ There is a timeout.
[–] thejew 11y ago ↗ You can safely use that as the Ruby is run in a limited contained env. Feel free to run `rm -rf` too [–] alfiedotwtf 11y ago ↗ I don't think you're going to be happy when somebody uses you to launch a DDOS: system("ping -c 2 8.8.8.8"); PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data. 64 bytes from 8.8.8.8: icmp_req=1 ttl=55 time=1.98 ms 64 bytes from 8.8.8.8: icmp_req=2 ttl=55 time=1.75 ms [–] vidarh 11y ago ↗ Unless he's running this in an incredibly powerful machine on an incredible well connected network, nobody will be DOS'ing anyone worse from that machine than they could do by spinning up a single VM somewhere. [–] alfiedotwtf 11y ago ↗ When it comes to netsec, any hole's a goal.And as rikkus pointed out, there's no timeout on runs too. This is just asking for trouble. [–] thejew 11y ago ↗ There is a timeout.
[–] alfiedotwtf 11y ago ↗ I don't think you're going to be happy when somebody uses you to launch a DDOS: system("ping -c 2 8.8.8.8"); PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data. 64 bytes from 8.8.8.8: icmp_req=1 ttl=55 time=1.98 ms 64 bytes from 8.8.8.8: icmp_req=2 ttl=55 time=1.75 ms [–] vidarh 11y ago ↗ Unless he's running this in an incredibly powerful machine on an incredible well connected network, nobody will be DOS'ing anyone worse from that machine than they could do by spinning up a single VM somewhere. [–] alfiedotwtf 11y ago ↗ When it comes to netsec, any hole's a goal.And as rikkus pointed out, there's no timeout on runs too. This is just asking for trouble. [–] thejew 11y ago ↗ There is a timeout.
[–] vidarh 11y ago ↗ Unless he's running this in an incredibly powerful machine on an incredible well connected network, nobody will be DOS'ing anyone worse from that machine than they could do by spinning up a single VM somewhere. [–] alfiedotwtf 11y ago ↗ When it comes to netsec, any hole's a goal.And as rikkus pointed out, there's no timeout on runs too. This is just asking for trouble. [–] thejew 11y ago ↗ There is a timeout.
[–] alfiedotwtf 11y ago ↗ When it comes to netsec, any hole's a goal.And as rikkus pointed out, there's no timeout on runs too. This is just asking for trouble. [–] thejew 11y ago ↗ There is a timeout.
[–] rikkus 11y ago ↗ Looks nice, but could do with a max execution time or some other limiter. loop do puts 1 done
7 comments
[ 6.3 ms ] story [ 22.5 ms ] threadAnd as rikkus pointed out, there's no timeout on runs too. This is just asking for trouble.