Closed strazto closed 3 years ago
Using network.scgi.open_port
means any user on the machine you run rTorrent on can execute arbitrary commands with the permission of the rTorrent runtime user.
And of course a proper web server config uses basic auth with https, the above is a minimal example, from 2014.
Gotcha, thanks. The distinction was a bit fuzzy to me, as I couldn't tell what specifically the wiki took issue with, but knowing that's the main reason for that aspect helps.
https://github.com/rakshasa/rtorrent/wiki/RPC-Setup-XMLRPC I've:
network.scgi.open_port
(besides conceding that it can be done)Been very explicit in all examples about the need for auth
In the wiki, we're strongly discouraged from using
network.scgi.open_port
, and instead should use a reverse proxy to forward to a local socket.https://github.com/rakshasa/rtorrent/wiki/RPC-Setup-XMLRPC
We're also strongly advised that the following nginx.conf is insecure
It's not explicit why exactly this is insecure, & the prevailing advice seems to be "use unix domain sockets, they're more secure".
If I was going to comment on where the real problem with the quoted configs lie I'd say:
0.0.0.0
- all interfaces, and presumably forwarding full rtorrent rpc access to the publicAFAIK, that's the extent of it.
If I was going to speak to why people like unix domain sockets, it seems to be that:
ugo
permissions on the sockets, so you have decent control about which processes are able to read/write/see your socket.is the "fix" here that:
Dos using a local socket, & proxy_pass ing to that add any further security? It's not clear from the wiki