You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by bd...@apache.org on 2008/11/20 15:14:53 UTC
svn commit: r719234 - /incubator/sling/trunk/samples/javashell/README.txt
Author: bdelacretaz
Date: Thu Nov 20 06:14:53 2008
New Revision: 719234
URL: http://svn.apache.org/viewvc?rev=719234&view=rev
Log:
SLING-740 - add javashell security warning
Modified:
incubator/sling/trunk/samples/javashell/README.txt
Modified: incubator/sling/trunk/samples/javashell/README.txt
URL: http://svn.apache.org/viewvc/incubator/sling/trunk/samples/javashell/README.txt?rev=719234&r1=719233&r2=719234&view=diff
==============================================================================
--- incubator/sling/trunk/samples/javashell/README.txt (original)
+++ incubator/sling/trunk/samples/javashell/README.txt Thu Nov 20 06:14:53 2008
@@ -2,6 +2,15 @@
Sling javashell sample
----------------------
+-------------------------------------------------------------------
+SECURITY WARNING:
+javashell lets user execute arbitrary code with NO LIMITS, and
+is only meant as a teaching/demo tool. Use at your own risk, or
+do not use if you don't understand the issues.
+
+Just try "System.exit(0)" if you don't know what this means ;-)
+-------------------------------------------------------------------
+
This sample application executes java code entered in an HTML form,
by generating and compiling java servlets on the fly.
@@ -34,4 +43,4 @@
The servlets are generated under /apps/javashell/servlets, and are *not*
cleaned up currently, this is something that should be improved.
-
\ No newline at end of file
+