Mercurial > hg > orthanc
diff OrthancServer/main.cpp @ 3535:41365091a41e
display a security warning in the logs at startup when ExecuteLuaEnabled is true
author | Alain Mazy <alain@mazy.be> |
---|---|
date | Sun, 06 Oct 2019 09:52:57 +0200 |
parents | cac8ffcb9cef |
children | 9cc09f4c0fa9 |
line wrap: on
line diff
--- a/OrthancServer/main.cpp Fri Oct 04 19:16:12 2019 +0200 +++ b/OrthancServer/main.cpp Sun Oct 06 09:52:57 2019 +0200 @@ -898,6 +898,18 @@ { httpServer.SetSslEnabled(false); } + + if (lock.GetConfiguration().GetBooleanParameter("ExecuteLuaEnabled", false)) + { + context.SetExecuteLuaEnabled(true); + LOG(WARNING) << "====> Remote LUA script execution is enabled. Review your configuration option \"ExecuteLuaEnabled\". " + << "Your setup is POSSIBLY INSECURE <===="; + } + else + { + context.SetExecuteLuaEnabled(false); + LOG(WARNING) << "Remote LUA script execution is disabled"; + } } MyHttpExceptionFormatter exceptionFormatter(httpDescribeErrors, plugins);