On Fri, Jul 06, 2001 at 01:11:45PM -0600, Ronald G Minnich wrote:
> On Fri, 6 Jul 2001, Bob Drzyzgula wrote:
>
> Could we put a directory as follows
>
> freebios/web
> or
> freebios/util/web
>
> and put the web stuff there. That makes it clear that it is a utility type
> thing. I don't want to spread the files all over the tree, and I don't
> want to have to rely on them. But it's an interesting thing to make
> available.
This is pretty well in line with what I had in
mind, so sure. My mail had mentioned the directory
[srcroot]/freebios/util/webconfig/cgi-bin/, perhaps
you thought that I ment "freebios/src" where I put
"[srcroot]", but I'd actually meant the root where you put
a checkout of the freebios CVS tree; thus, the "webconfig"
directory would sit alongside the "config" directory in
freebios/util.
I did some more looking for something that would implement
web server functionality without opening up a TCP port.
I think that this would be possible but I really wasn't
able to find anything straightforward and generic that
I could just pick up and start using. It seems likely
that this may involve a plug-in protocol handler for
the web browser, so that one could browse to, say,
"config://freebios/matsonic" or something like that. They
do this kind of thing in Konquerer for things like the
texinfo files ("info://"). One other possiblity would be to
run the web server on a Unix domain, filesystem-based
socket instead of a TCP socket; one could then use standard
filesystem security to control access. I'm not sure how
hard it would be to get a web server and/or browser to
do this.
Nonetheless, the more I think about it the more it seems
that that simply running a dedicated webserver, bound
only to localhost, possibly with basic auth protection
if necessary, would be sufficiently secure for most
applications; since 127.0.0.1 is not exposed outside of a
machine, one would first have to break into the machine to
access the config application. Contrary views are invited.
I'll be on vacation this coming week, hopefully I'll
be able to do some more on it the following week.
--Bob
