namecoin / nmcontrol

Namecoin Control. This repo is deprecated in favor of https://github.com/namecoin/ncdns
136 stars 38 forks source link

Dealing with the namecoind RPC interface #80

Open JeremyRand opened 9 years ago

JeremyRand commented 9 years ago

The namecoind RPC interface in NMControl is an ugly hack. As far as I can tell it's violating the HTTP spec, and we're just lucky that it works at all. No one wants to maintain that code.

We have 2 options. We could replace it with something more standard. The Bitcoin devs recommend https://github.com/jgarzik/python-bitcoinrpc . That code is actively maintained, and Python3 support is being worked on (though isn't completely working yet). Alternatively, we could switch to relying on Namecoin Core's REST interface.

I would prefer to switch to REST and remove the RPC interface. The reason for this is that right now, NMControl has the capability to issue arbitrary RPC commands, including looking at private data relating to the wallet (although not signing transactions). I would like to restrict NMControl via AppArmor/SELinux or similar things, so that even if NMControl is somehow compromised, it can't do nasty things to namecoind, but this is only possible with the REST interface to namecoind.

Thoughts on this?

--- Want to back this issue? **[Post a bounty on it!](https://www.bountysource.com/issues/14857886-dealing-with-the-namecoind-rpc-interface?utm_campaign=plugin&utm_content=tracker%2F435873&utm_medium=issues&utm_source=github)** We accept bounties via [Bountysource](https://www.bountysource.com/?utm_campaign=plugin&utm_content=tracker%2F435873&utm_medium=issues&utm_source=github).
phelixbtc commented 9 years ago

We should standardize a module for RPC access (even if we decide not to use it in this case because of security concerns). In most other places I use namerpc, e.g. here https://github.com/phelix/nameGUI/blob/master/lib/namerpc.py There are slightly different versions of it flying around of it, though, the nameGUI one is the latest.

The security point is good but I don't think it is a high priority as most users will use NMControl without AppArmor/SELinux (I am currently not aware of something similar on Windows). Are there any implications for configuration/setup? Then we could still add it as an option for security aware users.

phelixbtc commented 9 years ago

Note that namerpc is somewhat messy as it works with both namecoind and nmcontrol. Might be nicer to separate these functions into two modules by making the nmcontrol version class extend the namecoind version class.