Closed GoogleCodeExporter closed 9 years ago
Ok, Brandt, this software is not a prime candidate to expose to the internet. It does not have a security model built that would be acceptable to expose to the public internet. If you are exposing domus, you should disable access to it.
Just a thought, if you have anything exposed to the internet and you do not have an aggressive firewall (i.e. firestarter is not aggressive enough or others in this vein) you shouldn't expose any services or web based applications that do not implement a proper security model.
Original comment by bwsamuels@gmail.com
on 31 Mar 2010 at 1:01
Then how is it used on the iPhone with the iPhone skin?
Original comment by brandtda...@gmail.com
on 31 Mar 2010 at 4:10
An iPhone can do local network wifi as well. You don't have to use the 3G network to an exposed server.
Original comment by bwsamuels@gmail.com
on 31 Mar 2010 at 8:00
You can use the security level 2 in domus.link: only logged in people can use the interface.
Original comment by linux4cy...@free.fr
on 7 Apr 2010 at 10:49
Yes I can, but I don't think that is an appropriate place for such things. Usually in a single family household, you will only have one home automation administrator... All that type of stuff should be locked down in a section that only that person can access. The rest of the family does not need to be confused by such options, they only want their lights and such to work ;)
Original comment by brandtda...@gmail.com
on 7 Apr 2010 at 4:27
So, an evolving discussion here.
To implement this type of scheme of multiple types of users, we would need to implement a user/role security level to domus so that some could view, view/operate and view/operate/configure-admin. Maybe this could be based on a PIN type setup so that we wouldn't have to manage user/passwords. The only thing to be concerned about is if it is exposed to the public internet. If that is the intention, we need to put in a framework for security that is tighter than what is there now. Don't want the hacker/scripters to turn your lights on and off....
Original comment by bwsamuels@gmail.com
on 8 Apr 2010 at 12:53
I see two types of users: family members and administrator.
The family members would all share the same pin number to get into the main screen, and only be able to control modules, while the administrator would have a regular password to access admin features, such as heyu start/stop/restart, config file location, server load, and all the other configuration options.
Original comment by brandtda...@gmail.com
on 8 Apr 2010 at 7:47
Again, I will copy what is already done.... in videodb:
http://www.videodb.net/blog/
There is a user management with different rights.
Original comment by linux4cy...@free.fr
on 9 Apr 2010 at 3:35
Can we change the text:
Current heyu configuration is: in directory /volume1/opt/etc/heyu/
to:
Current heyu configuration is in directory: /volume1/opt/etc/heyu/
or something shorter, not so wordy:
Active heyu config directory: /volume1/opt/etc/heyu/
Original comment by brandtda...@gmail.com
on 3 May 2010 at 9:53
Bear in mind that it can provide more information:
Current heyu configuration is: DUMMY in directory /etc/heyu/4
It tells me the name of the config used (DUMMY), and it reminds me of the subdir.
Original comment by linux4cy...@free.fr
on 4 May 2010 at 9:43
Maybe this can be a new enhancement if the section directive is not given to use the text '[undefined]' as the header if it is not given.
Original comment by bwsamuels@gmail.com
on 5 May 2010 at 1:38
Original comment by bwsamuels@gmail.com
on 11 May 2010 at 2:02
Could we make a security level 3, which is a combination of level 1 and 2? That way the main page is protected by a family shared pin number, and then once you click on the configuration tab, you are asked to enter an admin password?
Or we could just have the pin number interface on the home security tab in a future release.
Original comment by brandtda...@gmail.com
on 11 May 2010 at 4:14
So in the spirit of the 'original' request. Can we define this as if security level is '1', do not allow or show the ability to start/stop/info heyu. Also, do not show system uptime in security level '1'.
Original comment by bwsamuels@gmail.com
on 12 May 2010 at 1:51
Anything other than turning on and off devices should be behind closed doors for the 'administrator' only. The dashboard should primarily display x10 objects, but in future releases could display other items useful to the family such as date, time, temperature, dawn and dusk times etc...
Original comment by brandtda...@gmail.com
on 12 May 2010 at 4:24
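An added sketch, not domus.link code and not written by anyone in this thread, of the scheme discussed above: a shared family PIN that only operates modules, an admin password for heyu start/stop/info, uptime and configuration, deny-by-default checks, and a lockout because a short PIN is guessable on an exposed server. `Gate`, `allowed`, the action names and the lockout values are hypothetical.

```python
import hashlib, hmac, os, time

# Tiers named in the thread: view, view/operate, view/operate/configure-admin.
NONE, VIEW, OPERATE, ADMIN = 0, 1, 2, 3

# Hypothetical action names. Anything not listed here is denied.
REQUIRED = {
    "view_dashboard": VIEW,
    "module_on": OPERATE, "module_off": OPERATE,
    "heyu_start": ADMIN, "heyu_stop": ADMIN, "heyu_info": ADMIN,
    "show_uptime": ADMIN, "edit_config": ADMIN,
}

def _kdf(secret, salt):
    # Slow salted hash so stored credentials are not kept in clear text.
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, 100_000)

class Gate:
    MAX_FAILS, LOCK_SECONDS = 5, 300  # constructed values

    def __init__(self, family_pin, admin_password):
        self.salt = os.urandom(16)
        self.creds = {OPERATE: _kdf(family_pin, self.salt),
                      ADMIN: _kdf(admin_password, self.salt)}
        self.fails = {}  # client address -> (failure count, time of last failure)

    def login(self, client, secret, now=None):
        """Return the role the secret grants, or NONE if wrong or locked out."""
        now = time.time() if now is None else now
        count, last = self.fails.get(client, (0, 0.0))
        if count >= self.MAX_FAILS:
            if now - last < self.LOCK_SECONDS:
                return NONE  # a short PIN is guessable without a lockout
            count = 0  # lock window has passed, start counting again
        digest = _kdf(secret, self.salt)
        role = NONE
        for level, stored in self.creds.items():
            if hmac.compare_digest(digest, stored):  # constant-time compare
                role = max(role, level)
        if role:
            self.fails.pop(client, None)
        else:
            self.fails[client] = (count + 1, now)
        return role

def allowed(role, action):
    need = REQUIRED.get(action)  # unknown actions fall through to deny
    return need is not None and role >= need
```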
Original comment by bwsamuels@gmail.com
on 29 May 2010 at 2:27
This issue was closed by revision r768.
Original comment by bwsamuels@gmail.com
on 4 Jun 2010 at 12:51
Original issue reported on code.google.com by
brandtda...@gmail.com
on 31 Mar 2010 at 12:17