Security
First, a disclaimer: in-depth security considerations, particularly as they pertain to web servers, are beyond the scope of this manual. Consult or become an expert!
Having said that, Linton’s simplicity makes it easy to analyse with respect to various threats:
- Is Linton malware? Linton depends on Nancy (written by the same author), pyxdg (a widely-used library) and Python itself. It is distributed via the Python package index. The total amount of code written by the author is about 1,000 lines, and the GitHub repository and PyPI account are connected to his real-world identity. In other words, it is a small amount of code to analyse, and the author stands behind it.
- Is Linton susceptible to malware when it runs on my computer? Linton’s open design means that a site’s source can direct it to read any file and run any program available to the user who runs it. This includes downloading files and running code from the internet! Linton does not try to validate its inputs, so treat a site’s source as you would any other program: only build sites you trust, and only in an environment you trust. The default site template does not read arbitrary files or run arbitrary programs; if you stick to it, the risk is much more restricted.
- Will Linton install malware on the web server? Linton does not run on the web server, as a Linton site is just a collection of files to upload to the web server. Therefore, the risk to the server is limited to problems caused by malicious files, which in turn can only come from Linton’s environment when it is run. For a well-configured web server, which serves the uploaded files as static content rather than executing them, this is a low risk. Again, this risk is much reduced when sticking to the default site template.
- Will Linton web sites infect visitors with malware? The answer to this is much the same as the previous question: Linton does not directly interact with visitors, so the risks come from the files uploaded to the web server, and anything you put into your pages is served to visitors as-is. The default site template generates mostly static pages; the only JavaScript comes from a cryptographically-signed distribution of the widely-used Bootstrap framework, plus a few lines of hand-written code in the template. That leaves very little for attackers to exploit.
Last updated 2025/01/29