You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@sling.apache.org by bd...@apache.org on 2008/11/20 15:14:53 UTC

svn commit: r719234 - /incubator/sling/trunk/samples/javashell/README.txt

Author: bdelacretaz
Date: Thu Nov 20 06:14:53 2008
New Revision: 719234

URL: http://svn.apache.org/viewvc?rev=719234&view=rev
Log:
SLING-740 - add javashell security warning

Modified:
    incubator/sling/trunk/samples/javashell/README.txt

Modified: incubator/sling/trunk/samples/javashell/README.txt
URL: http://svn.apache.org/viewvc/incubator/sling/trunk/samples/javashell/README.txt?rev=719234&r1=719233&r2=719234&view=diff
==============================================================================
--- incubator/sling/trunk/samples/javashell/README.txt (original)
+++ incubator/sling/trunk/samples/javashell/README.txt Thu Nov 20 06:14:53 2008
@@ -2,6 +2,15 @@
 Sling javashell sample
 ----------------------
 
+-------------------------------------------------------------------
+SECURITY WARNING:
+javashell lets user execute arbitrary code with NO LIMITS, and
+is only meant as a teaching/demo tool. Use at your own risk, or
+do not use if you don't understand the issues.
+
+Just try "System.exit(0)" if you don't know what this means ;-)
+-------------------------------------------------------------------
+
 This sample application executes java code entered in an HTML form,
 by generating and compiling java servlets on the fly.
 
@@ -34,4 +43,4 @@
    
 The servlets are generated under /apps/javashell/servlets, and are *not* 
 cleaned up currently, this is something that should be improved.   		
-           
\ No newline at end of file
+