-rw-r--r-- | README | 8 |
-rw-r--r-- | TODO | 7 |
2 files changed, 15 insertions, 0 deletions
@@ -27,6 +27,10 @@ probably escalate privileges one way or another (install arbitrary packages, reconfigure networks, enable callback scripts, edit system configuration files). +The server and client processes should be one-to-one: only one client should +ever connect to the server. The init_test.sh script shows how this could be +achieved in a SysV-style /etc/init.d script. + The intended use case is writing a user-friendly web control panel for a Debian server or router: the web designer creating the user interface should not be overly concerned with writing secure code, and the web application itself @@ -72,6 +76,10 @@ Features: * call augeas API: match, set, setm, get, save, move, insert, remove * call init.d service scripts: status, start, stop, restart +In late 2012 Nick Daly (of the FreedomBox project) wrote up a brief audit of +this code and concept on his blog (https://www.betweennowhere.net/). Link is +frequantly broken. + ### Dependencies (server) * augeas configuration editing library @@ -0,0 +1,7 @@ +- socket overwriting problem; use directory trick? +- strengthen default permissions on socket +- comment socket code +- client: if authentication fails, then bail +- server: only allow one auth ever. close and quit after client closes. +- document per-app socket naming intention +- hash secret key, salted with 'exmachina' |
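Review bot: In the first README hunk, "only one client should ever connect to the server" reads as a guarantee, but the TODO added in this same commit still lists "server: only allow one auth ever. close and quit after client closes." as open work. Say in the README that the one-to-one pairing is currently a deployment convention, set up by the init script, and not something the server enforces, so nobody relies on it as a security boundary. It would also help to say in one sentence what init_test.sh does to achieve the pairing, since the paragraph only points at the script.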
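Review bot: In the second README hunk, "frequantly" should be "frequently", and the reference to the audit is too fragile to be useful: the URL is the blog's front page, not the post, and the text itself says the link is often broken. Give the post's title and date so it can be found in an archive, or summarize the audit's findings in the README. The paragraph also lands between the end of the Features list and "### Dependencies (server)", where it reads as a feature; a short heading of its own would keep it apart.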
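Review bot: In the TODO hunk, the last item, "hash secret key, salted with 'exmachina'", proposes a fixed salt that is the same for every installation and is published in the source, so identical keys would still produce identical hashes everywhere. Note a per-installation random salt, or a keyed construction, as the goal here. Two other items need a few more words to be actionable: "socket overwriting problem; use directory trick?" does not say what the problem or the trick is, and "strengthen default permissions on socket" does not say what mode or ownership is intended.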