Nobody interest about CGI ?
2014-02-13 6:17 GMT+08:00 Janek <ja...@bigpond.net.au>: > If the server is a localhost, both client and server can be on the same > machine. See openROV for examples https://github.com/OpenROV > > > On Wednesday, February 12, 2014 7:45:08 AM UTC+11, Jake Swensen wrote: >> >> I'm new to web applications as well, hence the question. Clarification >> question: When using the web sockets protocol, the client and server are >> running on two different pieces of hardware, correct? If so, that's great, >> because this is the general direction I am heading in with this exercise, >> however (and I should have been clear on this) my current situation is that >> I am hosting the php page on the bbb in the /home/ubuntu/public_html folder >> with the binary executable in that folder as well. In this case, would it >> be best to do what Rusty suggested and create a group with write >> permissions to the device nodes and a udev rule that set up the devices to >> have write permission by that group? >> >> I would like to explore both options. After a quick Google search on web >> sockets, I came across libwebsockets. Would this project implement the web >> socket protocol you mentioned? >> >> Any suggested reading material (even if I need to buy it) would also be >> appreciated. >> >> Thanks again! >> Jake >> >> On Tuesday, February 11, 2014 4:16:47 AM UTC-6, Jack Mitchell wrote: >>> >>> On 10/02/14 21:34, William Hermans wrote: >>> > Jack, >>> > >>> > Ok perhaps I am missing something, and I by no means mean to be >>> > adversarial here. I am just curious, so If i am missing something >>> > please feel free to enlighten me. >>> > >>> > What is the difference between using setuid(0) and having a web socks >>> > app running the app ? >>> >>> The web socket doesn't run the app, the app is always running, probably >>> started as a daemon from the init system, and accepts messages from the >>> web socket. Therefore there is no direct execution of a setuid binary >>> from the web interface. >>> >>> > Here is my thinking. If you write the app/service >>> > correctly, all anyone is going to be able to do is switch on / off an >>> > LED. Yes, perhaps you do not want *EVERYONE* doing this, but how will >>> > this solution solve that specific problem ? Unless I am missing >>> > something . . . nothing can, short of having a user login screen for >>> the >>> > web interface. >>> >>> The issue isn't really with _who_ turns the LED on and off, that is a >>> application specific decision. The issue is with the ability to control >>> and execute a setuid binary from a possibly insecure, maybe even on the >>> open web application. >>> >>> Cheers, >>> >>> -- >>> Jack Mitchell (ja...@embed.me.uk) >>> Embedded Systems Engineer >>> Cambridgeshire, UK >>> http://www.embed.me.uk >>> -- >>> >> -- > For more options, visit http://beagleboard.org/discuss > --- > You received this message because you are subscribed to the Google Groups > "BeagleBoard" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to beagleboard+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/groups/opt_out. > -- For more options, visit http://beagleboard.org/discuss --- You received this message because you are subscribed to the Google Groups "BeagleBoard" group. To unsubscribe from this group and stop receiving emails from it, send an email to beagleboard+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
