Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

examine and deliberate security concerns #712

Open
bertsky opened this issue Aug 26, 2021 · 0 comments
Open

examine and deliberate security concerns #712

bertsky opened this issue Aug 26, 2021 · 0 comments
Assignees
@kba

Comments

@bertsky
Copy link
Collaborator

bertsky commented Aug 26, 2021

As long as we only have command-line interfaces, I suppose security is a matter of system administration (user priviledges for FS access and ulimit restriction of runtime resources). It's difficult to define and track what is a fair resource consumption. But as soon as we integrate them into network services (as scripts or by directly adding network capabilities in the form of low-level workflow/processing servers or a Web API implementation), we will also need to protect users from each other and against malign input.

For example, most of our XML processing is done via lxml (based on libxml2), which comes off rather bad regarding resource overconsumption: https://pypi.org/project/defusedxml. (The input METS or PAGE could be compromised in order to DOS-attack the machine or leak sensitive information via XInclude directives.)

To my knowledge, no analysis of such potential problems has been undertaken for OCR-D yet.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kba kba

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@kba @bertsky