[mythtv-users] Mythweb security
Bill at Explosivo.com
Wed Oct 27 21:43:41 UTC 2004
On Wednesday 27 October 2004 04:33 pm, Chris Petersen wrote:
> > If I had to do it, I would still use the apache login, but then check the
> > user inside mythweb.
> That's the long-term plan. php's support for htauth isn't so hot (and
> it's not just apache -- htauth is built into the http specs), or rather,
> htauth isn't complex enough to bother putting effort into php when
> apache manages it so easily.
Since we are not really adding super security onto it, I was thinking of just
checking the environment variable for the username. If I recall that was the
> Can then let access groups be defined in mythweb (either online or in a
> config file), to control who can see which sections of mythweb.
> > I'd be willing to code it in, but I would want the maintainer to agree
> > that it is good and would be included.
> I'd accept a patch if:
> 1. access groups can be disabled, and are disabled my default.
I'd say groups would be overkill. Figure a Mythbox could have like an average
of three users, maybe a total of 6 in a big family. Breaking groups to
contain users would be just wasted I would think. Assigning rights to each
person should be okay. Basically something like:
Note that [ ] below signifies checkboxes and is just an example, I have not
put any thought into what they would actually be.
username [admin] [can set recordings] [can del recordings] [can view
schedule] [max priority] [etc]
> 2. open discussion comes to a consensus about which areas of mythweb
> need to be restricted.
> Of course, all of this user-priority/override stuff would require mythtv
> support, and goes beyond mythweb. I'm only thinking about stuff like
> locking out the ability to delete recordings, change channel settings, etc.
I'd say just enforcing a max priority setting would be good - even if it did
not get enforced my Mythtv. I can whack my GF with a rolled up newspaper
when she overrides something in front of me, but when she goes home and
sneaks in with a web browser its a different story :)
I can come up with a better plan and submit it to the list for the open
discussion and we can evaluate there if it has any merit.
> mythtv-users mailing list
> mythtv-users at mythtv.org
Director of Internet Technology
p: 888.560.YWEB (9932)
e: bill at Explosivo.com
More information about the mythtv-users