bwssytems / domuslink

web-based frontend for Heyu
http://domus.link.co.pt/

remove heyu status from main page #27

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
I don't want the world to be able to stop and start my instance of heyu

Original issue reported on code.google.com by brandtda...@gmail.com on 31 Mar 2010 at 12:17

GoogleCodeExporter commented 9 years ago
Ok, Brandt, this software is not a prime candidate to expose to the internet. It does not have a security model built that would be acceptable to expose to the public internet. If you are exposing domus, you should disable access to it.
Just a thought, if you have anything exposed to the internet and you do not have an aggressive firewall (i.e. firestarter is not aggressive enough or others in this vein) you shouldn't expose any services or web based applications that do not implement a proper security model.

Original comment by bwsamuels@gmail.com on 31 Mar 2010 at 1:01

GoogleCodeExporter commented 9 years ago
Then how is it used on the iPhone with the iPhone skin?

Original comment by brandtda...@gmail.com on 31 Mar 2010 at 4:10

GoogleCodeExporter commented 9 years ago
An iPhone can do local network wifi as well. You don't have to use the 3G network to an exposed server.

Original comment by bwsamuels@gmail.com on 31 Mar 2010 at 8:00

GoogleCodeExporter commented 9 years ago
You can use the security level 2 in domus.link: only logged in people can use the interface.

Original comment by linux4cy...@free.fr on 7 Apr 2010 at 10:49

GoogleCodeExporter commented 9 years ago
Yes I can, but I don't think that is an appropriate place for such things. Usually in a single family household, you will only have one home automation administrator... All that type of stuff should be locked down in a section that only that person can access. The rest of the family does not need to be confused by such options, they only want their lights and such to work ;)

Original comment by brandtda...@gmail.com on 7 Apr 2010 at 4:27

GoogleCodeExporter commented 9 years ago
So, an evolving discussion here.

To implement this type of scheme of multiple types of users, we would need to implement a user/role security level to domus so that some could view, view/operate and view/operate/configure-admin. Maybe this could be based on a PIN type setup so that we wouldn't have to manage user/passwords. The only thing to be concerned about is if it is exposed to the public internet. If that is the intention, we need to put in a framework for security that is tighter than what is there now. Don't want the hacker/scripters to turn your lights on and off....

Original comment by bwsamuels@gmail.com on 8 Apr 2010 at 12:53

GoogleCodeExporter commented 9 years ago
I see two types of users; family members, and administrator. 

The family members would all share the same pin number to get into the main screen, and only be able to control modules, while the administrator would have a regular password to access admin features, such as heyu start/stop/restart, config file location, server load, and all the other configuration options.

Original comment by brandtda...@gmail.com on 8 Apr 2010 at 7:47

GoogleCodeExporter commented 9 years ago
Again, I will copy what is already done.... in videodb: http://www.videodb.net/blog/

There is user management with different rights.

Original comment by linux4cy...@free.fr on 9 Apr 2010 at 3:35

GoogleCodeExporter commented 9 years ago
Can we change the text:

Current heyu configuration is: in directory /volume1/opt/etc/heyu/

to:

Current heyu configuration is in directory: /volume1/opt/etc/heyu/

or something shorter, not so wordy:

Active heyu config directory:  /volume1/opt/etc/heyu/

Original comment by brandtda...@gmail.com on 3 May 2010 at 9:53

GoogleCodeExporter commented 9 years ago
Bear in mind that it can provide more information:
Current heyu configuration is: DUMMY in directory /etc/heyu/4

It tells me the name of the config used (DUMMY), and it reminds me of the subdir.

Original comment by linux4cy...@free.fr on 4 May 2010 at 9:43

GoogleCodeExporter commented 9 years ago
Maybe this can be a new enhancement if the section directive is not given to use the text '[undefined]' as the header if it is not given.

Original comment by bwsamuels@gmail.com on 5 May 2010 at 1:38

GoogleCodeExporter commented 9 years ago

Original comment by bwsamuels@gmail.com on 11 May 2010 at 2:02

GoogleCodeExporter commented 9 years ago
Could we make a security level 3, which is a combination of level 1 and 2? That way the main page is protected by a family shared pin number, and then once you click on the configuration tab, you are asked to enter an admin password?

Or we could just have the pin number interface on the home security tab in a future release.

Original comment by brandtda...@gmail.com on 11 May 2010 at 4:14

GoogleCodeExporter commented 9 years ago
So in the spirit of the 'original' request. Can we define this as if security level is '1', do not allow or show the ability to start/stop/info heyu. Also, do not show system uptime in security level '1'.

Original comment by bwsamuels@gmail.com on 12 May 2010 at 1:51
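
The view / operate / admin split and the "do not allow or show" rule discussed in this thread, sketched as an added example that is not domus.link code or part of any comment: one policy table drives both what the dashboard shows and what the server accepts, so hiding a button can never be the only control. All role names, action names and functions are hypothetical.

```python
from enum import IntEnum


class Role(IntEnum):
    """Hypothetical roles, ordered so a higher value includes the lower ones."""
    ANONYMOUS = 0  # not authenticated
    VIEW = 1       # may see device state
    OPERATE = 2    # family member: may switch devices
    ADMIN = 3      # administrator: may control heyu and see system info


# Minimum role per action (hypothetical action names based on the thread).
REQUIRED_ROLE = {
    "device_status": Role.VIEW,
    "device_on": Role.OPERATE,
    "device_off": Role.OPERATE,
    "heyu_info": Role.ADMIN,
    "heyu_start": Role.ADMIN,
    "heyu_stop": Role.ADMIN,
    "system_uptime": Role.ADMIN,
}


def is_allowed(role, action):
    """Deny by default: an action missing from the table is refused for everyone."""
    required = REQUIRED_ROLE.get(action)
    if required is None:
        return False
    return role >= required


def visible_actions(role):
    """What the dashboard renders ("show"), derived from the same table."""
    return sorted(a for a in REQUIRED_ROLE if is_allowed(role, a))


def handle_request(role, action):
    """Server-side check ("allow"), run on every request regardless of the UI."""
    if not is_allowed(role, action):
        return 403, "forbidden"
    return 200, action + " accepted"


if __name__ == "__main__":
    print(visible_actions(Role.OPERATE))
    print(handle_request(Role.OPERATE, "heyu_stop"))  # hand-crafted request
    print(handle_request(Role.ADMIN, "heyu_stop"))
```
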

GoogleCodeExporter commented 9 years ago
Anything other than turning on and off devices should be behind closed doors for the 'administrator' only. The dashboard should primarily display x10 objects, but in future releases could display other items useful to the family such as date, time, temperature, dawn and dusk times etc...

Original comment by brandtda...@gmail.com on 12 May 2010 at 4:24

GoogleCodeExporter commented 9 years ago

Original comment by bwsamuels@gmail.com on 29 May 2010 at 2:27

GoogleCodeExporter commented 9 years ago
This issue was closed by revision r768.

Original comment by bwsamuels@gmail.com on 4 Jun 2010 at 12:51