[Fixed] Allowing malicious code injection #34

Jaagrav / CodeX-API

The new version of CodeX API with it's backend, a lot of you wanted me to make the backend opensource, now it's ready to receive contributions from you. Thanks for being patient, more languages coming soon, happy hacking!

https://codex.jaagrav.in/

MIT License

193 stars 66 forks source link

[Fixed] Allowing malicious code injection #34 #37

Open vickyguptaa7 opened 1 year ago

vickyguptaa7 commented 1 year ago

Previously the code execution by the spawn process has the root permission so there was threat that anyone can modify the file on the server. Now i have fixed this issue by spawning the process with non root process so it will avoid any kind of changes like removing files, applications, adding file or modifying the existed files.

anweshandev commented 1 year ago

Addresses #42 (but read suggestions too)