Begin sandboxing support, README updates.
58
README.md
@@ -9,35 +9,40 @@ History
|
||||
====
|
||||
A couple of years ago, I wanted to setup a personal wiki on my raspberry
|
||||
pi. However, the distribution I used back then did not have a PHP package
|
||||
for ARM. So I decided I would write one in C. Yes, that's an odd way
|
||||
to approach the problem and indeed, I may have had too much time back
|
||||
then. Also, I wanted to see how it's like to write a "web app" in C
|
||||
and wanted to sharpen my C a little bit.
|
||||
for ARM. So instead of switching distributions or searching for other
|
||||
wikis that I could use, I decided I would write one in C. Yes,
|
||||
that's an odd way to approach the problem and indeed, I may have had too
|
||||
much time back then. Also, I wanted to see how it's like to write a
|
||||
"web app" in C and wanted to sharpen my C skills a little bit.
|
||||
|
||||
Of course, it's pretty straightforward at first. No really. Just use CGI.
|
||||
And indeed, that's probably more than enough. Then I decided to play
|
||||
around and started using FastCGI (with the official library from now
|
||||
defunct fastcgi.com) and created a multi-threaded version. It initially
|
||||
used a "pile of files database", but that became too painful, so then
|
||||
I started using sqlite.
|
||||
Of course, it's pretty straightforward at first. No really: Just use CGI.
|
||||
And indeed, that would have been more than enough for my use cases.
|
||||
Then I decided to play around and started using FastCGI (with the official
|
||||
library from now defunct fastcgi.com) and created a multi-threaded version.
|
||||
It initially used a "pile of files database", but that became too painful,
|
||||
so then I started using sqlite.
|
||||
|
||||
C++
|
||||
---
|
||||
Eventually the code became unmaintainable. Initially, I wanted something
|
||||
quick. I did not care about memory leaks (as it was CGI initially).
|
||||
After FastCGI, they became an issue. In the end, the task of avoiding
|
||||
memory leaks became too annoying. And of course, C does not include any
|
||||
"batteries" and while I could manage, this too was another good reason.
|
||||
Eventually, since it was mostly a playground for me, the code became
|
||||
unmaintainable. Furthermore, I wanted something quick and given that
|
||||
it was CGI, I didn't bother taking care of memory leaks.
|
||||
After initiating a FastCGI interface, they became an issue and then the
|
||||
task of avoiding memory leaks became too annoying. And of course, C does n
|
||||
ot include any "batteries" and while I could manage, this too was another
|
||||
good reason.
|
||||
|
||||
Overall, I am just continuing the experiment with C++17 now. It's not
|
||||
nearly as bad as you would expect perhaps. Some things are surprisingly
|
||||
convenient even. Still, the standard library is lacking and
|
||||
I would hope for a some better built-in Unicode support in the future.
|
||||
I would hope for a some better built-in Unicode support in future C++
|
||||
standards.
|
||||
|
||||
Features
|
||||
========
|
||||
To be fair, at this point it doesn't even have a "diff" between revisions
|
||||
yet and does not have features that make you prefer it over other wikis.
|
||||
yet and does not have features that would make you prefer it over other
|
||||
wikis.
|
||||
|
||||
- CGI
|
||||
- HTTP server using the header only library cpp-httplib. It's more
|
||||
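Review bot: In the rewritten C++ paragraph the word "not" is split across a line break ("C does n" at the end of one line, "ot include any "batteries"" at the start of the next), so the rendered README will read "does n ot include"; rejoin the word on one line. Two smaller wording points in the same hunk: the new Unicode sentence still reads "a some better built-in Unicode support" (drop the "a"), and the History paragraph keeps "how it's like to write", where "what it's like to write" is the usual form.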
@@ -55,23 +60,26 @@ yet and does not have features that make you prefer it over other wikis.
|
||||
|
||||
Security
|
||||
========
|
||||
The most reasonable way would have been to add some sort sandboxing
|
||||
support right away, but this is lacking so far. As for "web security",
|
||||
all POST requests are centrally protected against CSRF attacks and all
|
||||
input is escaped against XSS attacks.
|
||||
On Linux namespaces are used to restrict the process to only access
|
||||
files it needs. It doesn't have access to other paths in the system.
|
||||
In addition, Seccomp is used to restrict the syscalls the qswiki process
|
||||
can call. As for "web security", all POST requests are centrally
|
||||
protected against CSRF attacks and all input is escaped against XSS
|
||||
attacks.
|
||||
|
||||
Building
|
||||
========
|
||||
Dependencies:
|
||||
- cpp-httplib: https://github.com/yhirose/cpp-httplib
|
||||
- SqliteModernCpp: https://github.com/SqliteModernCpp
|
||||
|
||||
Given the fact those are header-only libraries, they are already
|
||||
included here, so you only need to run:
|
||||
- libseccomp: https://github.com/seccomp/libseccomp
|
||||
- sqlite3: https://sqlite.org/index.html
|
||||
|
||||
The first two are header-only libraries that are already included here.
|
||||
|
||||
If all dependencies are available, run:
|
||||
```make release```
|
||||
|
||||
|
||||
Setup
|
||||
=====
|
||||
To be written
|
||||
|
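Review bot: The new Security paragraph states the sandbox as already complete ("It doesn't have access to other paths in the system", "Seccomp is used to restrict the syscalls"), while the commit subject says "Begin sandboxing support"; word it to match the current state so readers do not rely on confinement that is still partial. The paragraph is also scoped to "On Linux" but does not say what protection applies on other platforms or what the process does if namespace or seccomp setup fails, and libseccomp is added to the dependency list unconditionally, so it is unclear whether non-Linux builds need it. A sentence on each of these, or a pointer from the "Setup" section that still reads "To be written", would close the gap.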