Hi,
I found that using a command such as, for example,

    plot2d(sin(x), [x, -5, 5], [gnuplot_term, "png size 100000, 100000"])

in MaximaPHP can cause Maxima to create an arbitrarily large file on your server.
So I added the following pairs to the blacklist:

    'plot2d', '/\bpng\b.*\bsize\b/s'
    'plot3d', '/\bpng\b.*\bsize\b/s'

Maybe there are other such holes, so please be careful if you use
MaximaPHP on your server.
Best regards,
bowo
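
The following is an added example, not part of the original message and not MaximaPHP's own code. It shows one way such (function, pattern) pairs could be applied to a submitted command. The array layout, the function name find_blacklist_hit and the rule "reject when the named function is called and the pattern matches" are assumptions; the sample commands are constructed, the first being the one quoted above.

```php
<?php
// Hypothetical blacklist layout: each entry pairs a Maxima function name
// with a PCRE pattern, using the two pairs quoted in the message.
$blacklist = [
    ['plot2d', '/\bpng\b.*\bsize\b/s'],
    ['plot3d', '/\bpng\b.*\bsize\b/s'],
];

/**
 * Return the [function, pattern] pair that the command trips,
 * or null if no pair applies (assumed matching rule, see lead-in).
 */
function find_blacklist_hit(string $command, array $blacklist): ?array
{
    foreach ($blacklist as [$function, $pattern]) {
        // The function must appear as a call: name, optional spaces, "(".
        $call = '/\b' . preg_quote($function, '/') . '\s*\(/';
        if (preg_match($call, $command) === 1
            && preg_match($pattern, $command) === 1) {
            return [$function, $pattern];
        }
    }
    return null;
}

// Constructed sample input.
$samples = [
    'plot2d(sin(x), [x, -5, 5], [gnuplot_term, "png size 100000, 100000"])',
    'plot2d(sin(x), [x, -5, 5])',
    'plot3d(x*y, [x, -1, 1], [y, -1, 1], [gnuplot_term, "png size 100000, 100000"])',
    'diff(sin(x), x)',
];

foreach ($samples as $command) {
    $hit = find_blacklist_hit($command, $blacklist);
    // Print the verdict next to each command so rejected input can be logged.
    printf("%-7s %s\n", $hit === null ? 'allow' : 'reject', $command);
}
```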