SSSS: Secure Server Side Scripting

Jan 18 2011 Published by under Uncategorized

Short:

Create a way to run code on the server, code that users can upload.  The server should still be safe from abuse.

Long:

Creating a home page can easily be done gratis.  Just find a company to host your static files.  Angelfire and Passagen spring to mind even though their heydays are over.  Get a gratis account and upload your static HTML and javascript and flash files and images.  Whole games can be hosted in this easy way.  As long as there is nothing changeable on the server.

Making things interactive is a different horse.  For developing web applications we have to use binaries, byte code or script at the server.  Since running code uses resources and can choke the server there are very few gratis solutions.  We must pay to get an account which we then can use up to a certain Mbits of traffic and Mbytes of data and possibly Mseconds of processor use.

On the client we can use javascript and (ab)use most of the client browser power.  Security and resource handling are already built in and taken care of.

Why not extend this kind of reduced power scripting to the server?  Limit processor time, RAM usage and HD space.  I have been thinking about how to limit dotnet or java but come to the conclusion that since the environment isn’t built for it it will be a faulty solution to start with.
If we instead created a new language and environment we could tailor the functionality to the needs.

If then people could easy upload web applications we would get an explosion of ideas and solutions.

No responses yet