Closed Rocketansky closed 1 year ago
If you read the docs for Mopidy, and look at your config file, you'll see that you need to edit the allowed_origins config option.
@docmollo I don't see how this solves the problem that the iris client is vulnerable as a puppy dog.
First, to be clear, Pimoroni has nothing to do with Iris. If you're not happy with Iris, there are other options you could install. Not sure if any of them have authentication options.
Looks like I misread what allowed_origins does. It has nothing to do with limiting the clients that can connect to the Mopidy web server.
If you're really concerned about who can connect to the web interface, you should look into setting up firewall rules.
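To make the distinction in the two comments above concrete, here is an added illustration of Mopidy's `[http]` config section (it is not from the thread or from the Mopidy or Iris projects). `allowed_origins` only lists the browser origins that may issue cross-origin requests to the HTTP/WebSocket API; it does not restrict which hosts on the network can open the web interface. The option that actually decides who can reach the server is `hostname`, the address it binds to. The IP addresses and the interface name in the comments are assumptions for the example.

```ini
# Exposed setup: Mopidy listens on every interface, so anyone on the same
# WLAN can open http://<pi-address>:6680/ and land in the Iris client.
[http]
hostname = 0.0.0.0
port = 6680
allowed_origins =

# Restricted setup: bind to the loopback address only. The web client is then
# reachable from the Pi itself (or through an SSH tunnel / reverse proxy you
# control), but not from other devices on the network.
[http]
hostname = 127.0.0.1
port = 6680
# allowed_origins is still only a CORS/Host-header allowlist; listing
# other.host.example here would let a page served from that origin talk
# to the API, it would not let or stop any particular client connecting.
allowed_origins = other.host.example
```

If the web interface has to stay reachable from other devices (for example to control playback from a phone), keep `hostname = 0.0.0.0` and instead limit access with host firewall rules on port 6680, as suggested above; the bind address and the firewall are the controls that matter, not `allowed_origins`.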
In the interest of clarity I'm labelling this as wontfix/documentation. Not so much because we don't maintain Iris, but because this configuration is intentional but I do think we might be able to better document why it's set up this way and what risks it might entail.
Security is a sensitive topic, but secure-by-default configurations are unfortunately not accessible, resulting in extra load on our support team (and, frankly, me).
I am, arguably to a fault, singularly focussed on making setup as easy and frictionless as possible for end users. Most people just want it to work quickly and simply.
I'm operating under the assumption that Iris is a very low risk security concern, and that those who prefer a secure configuration will know how to set it up.
Do you have any insights as to why you'd prefer a secure configuration, or what the risks (short of family members simply rickrolling each other) of this set up might be?
After the installation the small display shows the IP address with the port. I accessed it with a web browser and got directed to the iris client. Immediately I had access to the client and to files it controls. As this is a WLAN connection anybody in the same WLAN could do that.
If I enter my Spotify credentials anybody could use it - I guess.