On Sun, Mar 2, 2014 at 8:00 AM, Michael Haberler <mai...@mah.priv.at> wrote:
> > > > > > > > > I take it this WebUI implementation would require a web server running on > > the local linux machine with all the included overhead and security > > concerns that web servers have? Or is there some small, really safe, > > really secure subset of apache that doesn't require a lot of overheard, > and > > comes secure out of the box running only on the local machine, accessible > > to only the local machine> > > yes, this is the case - libwebsockets can also serve files via http. So > there's an optional mini http server within the same process; no separate > server needed just to serve a few static html,js, image files from a single > directory. Actually it shares the port with Websockets, so just one URI for > both. Basically just a bootrom for a client Javascript application. For > something more fancy server-side one would choose something else, but that > is not a problem I need to address. > > Both websockets an http channels do support SSL and certificates if needed. > > Note I'm not building a WebUI - I work on the support to build to make it > easy to build one. You cant expect more Javascript from me than a simple > jsvcp HAL UI example with a few buttons, sliders and leds ;) > > - Michael > > > > I install, configure and run web servers on a daily basis here at work. > > Apache is not for the casual user and it can swipe a lot of resources if > > not set up correctly, and is not very secure out of the box. > > > > Mark > In my other recent reply I mentioned my security concerns. These small, light weight web servers just don't seem to have much security built into them. Yes, SSL is a good thing, but that only encrypts "that" single data stream, while not really securing the server itself. Even full-blown web servers running Apache can be broken into if they aren't configured correctly, and that previous link that was posted for that small python web server didn't leave me with a good basis for presuming the web server was secure, or could easily be made so by the user. I'm just not thrilled with the idea of running a web server on a machine that's controlling a big hunk of heavy, fast moving metal that can do damage (and lots of it) by someone on the outside with mischief or malicious intent on their mind. Once somebody's in your network, and if they've gotten that far there's a decent chance they can get on your controller machine, who's to say they couldn't wreak havoc with an unsecure web server which is one of the easiest things to hack into? I ain't buying the idea that it's a good thing to introduce into this kind of environment. For security and safety reasons. Mark ------------------------------------------------------------------------------ Flow-based real-time traffic analytics software. Cisco certified tool. Monitor traffic, SLAs, QoS, Medianet, WAAS etc. with NetFlow Analyzer Customize your own dashboards, set traffic alerts and generate reports. Network behavioral analysis & security monitoring. All-in-one tool. http://pubads.g.doubleclick.net/gampad/clk?id=126839071&iu=/4140/ostg.clktrk _______________________________________________ Emc-users mailing list Emc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/emc-users