weblily: security risk

[Graham Percival]

Mr. Weblily,

I like your enthusiasm with your weblily project, but for Mao's
sake please learn something about computer security.  The current
website is completely insecure.

This is not a theoretical concern.  It would take me approximately
two minutes to delete everything in your /home/lily/ directory --
not just material in /home/lily/scores/.


I wouldn't do this, of course -- but if a non-expert like me could
do this so quickly, I'm certain that an experienced and malicious
hacker could do far worse.  Such as taking over your machine and
using it to attack other websites, distributing child porn, or
whatever.

If you want to continue to run your project without any regard for
security, that's your business, but I want it understood that
YOU HAVE COMPLETELY DISREGARDED ALL COMMON SENSE AND HAVE NOT READ
THE MATERIAL ABOUT SECURITY IN OUR DOCUMENTATION.  YOU RUN
LILYPOND IN THIS FASHION COMPLETELY AT YOUR OWN RISK, AND IF THE
GERMAN EQUIVALENT OF THE FBI COMES KNOCKING ON YOUR DOOR ASKING
WHY YOU ARE DISTRIBUTING RIPS OF HOLLYWOOD MOVIES OR PIRATED
COMMERCIAL SOFTWARE, YOU CANNOT BLAME LILYPOND.

The internet is not a playground.  If you're going to hand
complete control over your server to other people, you might not
like the consequences.

- Graham Percival