This repository has been archived by the owner on Feb 25, 2025. It is now read-only.
Sanitize Zimpl models #3
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Zimpl supports reading files and printing their contents. And the
scipsubprocesses are started with the same user that started thezimplaygroundserver. All files that are readible by this user can easily be leaked.We could forbid reading from files, or check whether the path is located within some specific folder.
The text was updated successfully, but these errors were encountered: