On Sun, Mar 2, 2014 at 7:37 AM, W. Martinjak <mats...@play-pla.net> wrote:

>
> On 2014-03-02 13:11, Mark Wendt wrote:
> > I take it this WebUI implementation would require a web server running on
> > the local linux machine with all the included overhead and security
> > concerns that web servers have?  Or is there some small, really safe,
> > really secure subset of apache that doesn't require a lot of overhead, and
> > comes secure out of the box running only on the local machine, accessible
> > to only the local machine?
> >
> > I install, configure and run web servers on a daily basis here at work.
> > Apache is not for the casual user and it can swipe a lot of resources if
> > not set up correctly, and is not very secure out of the box.
> >
> > Mark
> >
>
> This
>    sudo apt-get install python-cherrypy3
>    lcnc_poslogger_cherrypy_server.py
>
> is the webserver.
>
> Try it out on your linuxcnc box.
> The instructions in the readme can be applied just on the lcnc box.
> And note that it runs on a stable (2.5.x) lcnc without recompiling.
> As I said...
>         No rocket science. ;)
>
> But the webserver can be outsourced to a more powerful desktop machine.
>
> Nevertheless it's just a simple demo.
>
> Matsche
>

Okay, it looks fairly lightweight.

But, how secure is it?  From the looks of it, you can use certificates,
but...

There's a lot more to securing a web server than introducing https to it.
Locking down a full-blown web server like Apache takes quite a bit of
work.  A pass through the cherrypy documentation doesn't leave me feeling
very good about the security aspects of that web server.  Of course, more
security means more overhead, but not securing a web server can cause a lot
of security pain in your installation.

Looks a bit too easy for a good hacker to get in, and wreak havoc.

Unless there really is a compelling reason, and/or the developers come up
with more and better security solutions, I'd be hard pressed to run that
web server on any machine of mine.  And I say that because I have quite a
few full-up web servers that I built and run daily, on a US Navy
installation that tends to draw the attention of certain folks we'd rather
not have breaking into our systems.

This one is designed for someone to load on their phone or computer at
home.  I'd bet dollars to donuts that crowd really doesn't have a whole lot
of experience building, configuring and maintaining a secure web server.
The folks who install and run this, unless they have some kind of a
protected network, leave themselves wide open to folks who'd like to cause
mischief.

Mark
_______________________________________________
Emc-users mailing list
Emc-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/emc-users
