search

Rudis1261 / blink-server

This is the server you would need to be able to run the Blink Android Application.
MIT License
34 stars 7 forks source link

Run the server without root rights #7

Closed jjpe closed 5 years ago

jjpe commented 5 years ago

Running code as root is a redonculous security risk, and for me, a bluetooth server it's a little hard to justify. What are the current causes for needing root rights, and could you remove the necessity for root?

Rudis1261 commented 5 years ago

Hi @jjpe, Last time I checked / used this. You had to run as root to be able to read the bluetooth streams. I am not sure whether that is still a requirement. And not sure what running this as root will give you?

What the security risk is, it's pretty dependant on pairing the device. Unless you are able to get in somehow via a snoop or something.

You can try and run it without the sudo command and seeing whether it still works. If it does, then that solves your concern

Rudis1261 commented 5 years ago

Ahh just looked at it, it's to be able to bind to the bluetooth socket. Like I said it used to be an issue, lemme know if it doesn't faceplant without that anymore