Filtering with wml, security considerations?

[Jim Hebert <nospam@thanx>]

I'm working on a project, which, in a nutshell, would allow people to type
in some text in a form and have it appear as a web page. I would like to
make the wml facilities availible to persons, within the confines of
security. The cgi would presumably take the input, pipe it to wml, and
grab the output for posting as it saw fit. I'll bet I'll have to turn off
some of the passes...

I'm pertty sure e-perl is out, right? I don't want people to be able to
execute commands on the system by embedding some e-perl that creats a
setuid shell for the userid running the cgi.

OTOH, I'm not concerned all *that* much about
things like #include including /etc/passwd -- call

I recall there being some stuff in m4 that I might not like too -- that
would let them run arbitary commands on the machine. Right?

What else are potential gotchas, and solutions? I assume for many of these
things disallowing certain passes to take place with be the big answer.
However, perhaps some standard neutralizer could be prepended to the user
input would would alias away or otherwise hide some of the problematic
commands? Perl is probably highly problematic and I'll bet it has to be
turned off, but perhaps there'd be a way to alias away (or equivalent) the
1 or 2 bad m4 commands or other problems?

Thanks,
jim

-- 
[L]inux has an installed base conservatively estimated at around 3 million
users.... [V]endors say that most of the top companies in the US have bought
the OS - but that few will readily admit to running their multimillion-dollar
corporations on code put together by a band of software idealists. -- _Wired_

______________________________________________________________________
Website META Language (WML)                www.engelschall.com/sw/wml/
Official Support Mailing List                   sw-wml@engelschall.com
Automated List Manager                       majordomo@engelschall.com