[sword-devel] diatheke security
    Linas S. 
    mail at operis.org
       
    Wed Feb  7 01:40:00 MST 2007
    
    
  
Hello,
I try to make online Bible script using diatheke. I got problem- security.  
Users can put everything in a search box on the web page, e.g.:
Jesus;ls /etc
If I run such the command:
diatheke -b KJV -s phrase -k Jesus; ls /etc
I will get list of /etc directory.
I could check user input for characters other than letters a - z, but  
users can enter Greek text or Hebrew.
Is here any "safe" way of using diatheke?
Regards,
Linas S.
    
    
More information about the sword-devel
mailing list