warpme at o2.pl
Sat Feb 1 20:37:32 UTC 2014
On 30/01/14 20:03, Jay Ashworth wrote:
> ----- Original Message -----
> Let's skip the strawmen, and cut to the chase, shall we?
> "If the MythTV backend core is replying to HTTP requests coming from the
> Internet at large, it's bugs become security bugs, which could lead to
> an attack by whatever user Mythbackend runs as. If that's root, you could
> lose the whole machine, not just the recordings."
> Doesn't matter which port you have it on.
> -- jra
This is is wide statement. In fact it is based on too far extrapolation.
If user will use application level proxy - then above statement will be
true in very special cases. Is will be true only when user pass
authentication/authorization phase. In this context there is no any
difference between current approach (separate module* providing web
functions = mythweb) and proposed approach (build-in functionality)**
Proposed approach IMHO can have potential advantages over current:
-it allows to realize given functions by best components suited for
(mythbacked for servicing app logic and access to data; app level proxy
for AA process).
-minimal code duplication for new features
We can look on it from another perspective:
Knowing how precious are dev resources - as user I strongly prefer when
dev will spent their time on adding i.e. music support for WebFrontend
and pass to me proxy setup over alternative, where they will work on
good AA in build-in web server (problem is already solved by 3rd party)
or work on rewriting MythWEB (and simply duplicate there majority of
already exiting app logic).
All this discussion is classical design trade-off discussion and I'm
happy about dev decision as it allows fastest progress with new
features/best quality with existing features.
Totally another thing is how we - users are reacting for devs decisions.
I personally think that I should be really glad they decide to share
with me their work. Any whimpering in long term is against me as it
exploits devs energy to explain things which they are not obliged to
explain me and distracts them from real work which I so much appreciate.
(*) Many industrial critical systems are using approach with fronted
doing AA/Load-balancing and backend doing business logic. Infact usually
ther are multi tier solutions with frontends/firewalls/bus.logic/data
(**) Solution with app proxy can be even more secure - as app proxy can
be component exactly designed/proven for safe/efficient AA function for
things like open Internet access.
More information about the mythtv-dev