[Paraview] ParaviewWeb security
Sven Kramer
svenkramer40 at gmail.com
Sat Aug 13 06:53:52 EDT 2016
I was wondering, if ParaviewWeb takes security concerns serious. Studying
the server code, I found no measures against access to files outside of the
specified --data-dir, against XSS or injection of arbitrary code in analogy
to SQL injection.
Would you consider ParaviewWeb secure when the server is open to anybody in
the internet, or is its purpose only to be run within intranets behind a
firewall? Assuming that ParaviewWeb has not undergone any security audits,
are there any commercial alternatives?
Thank you
Sven
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://public.kitware.com/pipermail/paraview/attachments/20160813/4807c473/attachment.html>
More information about the ParaView
mailing list