On Apr 6, 2011, at 1:34 PM, Bernard Li wrote: > Hi all: > > On Wed, Apr 6, 2011 at 11:14 AM, Vladimir Vuksan <vli...@veus.hr> wrote: > >> I spoke to Bernard and we are considering doing a code freeze of the Web >> 2.0 UI. I'd like to release it by the end of month so that people can start >> using it. > > Yeah, let's try to get this out soon. > >> From the TODO >> https://sourceforge.net/apps/trac/ganglia/browser/branches/monitor-web-2.0/TODO, > I'd like to get the following done before the code freeze: > > - Add back the Ganglia logo > - Provide an easy method for user to add their organization's logo
In my opinion, the new UI features which write to the file system on the web server (to save view definitions, etc) should require some kind of authentication. Allowing any random user to change the UI's configuration seems like a hole we should fill before releasing. Does anyone use the 'private clusters' feature which is implemented in auth.php? Seems like we could use this authentication mechanism, though I did have a few concerns. - The authentication database is a 'private_clusters' text file, stored in the same directory as auth.php. That means I could take a look at http://site.com/ganglia/private_clusters via my web browser and download the whole list of cluster names & MD5 hashes. - I'm not a crypto guy, but I believe the MD5 algorithm is now widely considered to be insecure, and not something we should be relying on. http://en.wikipedia.org/wiki/MD5#Security Before release, I suggest we: - Move the private_clusters file outside Apache's DocumentRoot. Maybe @sysconfdir@/private_clusters? - Update auth.php to use a more secure (but still widely available) hashing algorithm. SHA1 or otherwise? - Require authentication for actions which can change UI configuration, like creating/altering views, or for any other action which might write user data to the web server's filesystem. - Support a wildcard cluster name in private_clusters, or a 'root' user, so an admin would only need to define 1 password to be able to edit anything in any cluster. Maybe that's what the 'control' context is for? alex ------------------------------------------------------------------------------ Xperia(TM) PLAY It's a major breakthrough. An authentic gaming smartphone on the nation's most reliable network. And it wants your games. http://p.sf.net/sfu/verizon-sfdev _______________________________________________ Ganglia-developers mailing list Ganglia-developers@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ganglia-developers