readonly is pretty good. It blocks all writes. Probably the best other thing to block would be all the "temperature9 temperature10 fasttemp, ...) Each requires changing the resolution setting on the temperature chip and performing a new (slow) read.
We could set up a "safe" mode -- read-only, limit temperature resolution switches, no uncached. Paul Alfille On Tue, Jul 7, 2009 at 1:29 AM, Steinar Midtskogen<stei...@latinitas.org> wrote: > [Paul Alfille] > >> So I'd guess that people access an public owhttpd should be pretty >> safe, as long as the 1-wire devices aren't controlling something >> delicate. > > Apart from the queueing issue, my main "worry" (if it turns out to be > a problem, I'll just remove access) has been that a lot of uncached > requests would interfer with the regular use. All accesses, however, > have to go through an apache server acting as a reverse proxy, so I > use the rewrite module to block all requests for uncached data and > have apache remove the links to uncached data as well. Then I should > be able to control the number of actual requests on the bus caused by > owhttpd using the timeout options. Does an option in owhttpd/owserver > to disallow uncached requests sound like a good idea? > > How secure is the --readonly option in owhttpd? Is it merely removing > the forms, is it still possible to POST data or to contruct clever > URLs? > > My 1-wire devices are controlling some delicate stuff. One switch can > close the main water valve to our house, one can disable a leakage > detection system, another can trigger the fire alarm, so to be sure to > block write access is important. I run owhttp with the options > --readonly -s server1:xxxx -s server2:xxxx ... -s serverN:xxxx. > > -- > Steinar > > ------------------------------------------------------------------------------ > Enter the BlackBerry Developer Challenge > This is your chance to win up to $100,000 in prizes! For a limited time, > vendors submitting new applications to BlackBerry App World(TM) will have > the opportunity to enter the BlackBerry Developer Challenge. See full prize > details at: http://p.sf.net/sfu/blackberry > _______________________________________________ > Owfs-developers mailing list > Owfs-developers@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/owfs-developers > ------------------------------------------------------------------------------ Enter the BlackBerry Developer Challenge This is your chance to win up to $100,000 in prizes! For a limited time, vendors submitting new applications to BlackBerry App World(TM) will have the opportunity to enter the BlackBerry Developer Challenge. See full prize details at: http://p.sf.net/sfu/blackberry _______________________________________________ Owfs-developers mailing list Owfs-developers@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/owfs-developers
