From: Vladimir V. <vl...@ve...> - 2011-04-12 02:08:17
|
I am not sure what the right approach is. We could provide optional authentication but this may be better addressed by people implementing access controls in Apache ie. adding Basic auth to particular URLs. You could certainly easily "disable" writing by setting proper permissions on conf/ directory. This may be a non-issue for lots of people who are behind firewalls and do not want an extra level of authentication. Perhaps we should just document some of these approaches instead of reinventing the authentication. Thoughts ? Vladimir On Sun, 10 Apr 2011, Alex Dean wrote: > > On Apr 6, 2011, at 1:34 PM, Bernard Li wrote: > >> Hi all: >> >> On Wed, Apr 6, 2011 at 11:14 AM, Vladimir Vuksan <vl...@ve...> wrote: >> >>> I spoke to Bernard and we are considering doing a code freeze of the Web >>> 2.0 UI. I'd like to release it by the end of month so that people can start >>> using it. >> >> Yeah, let's try to get this out soon. >> >>> From the TODO https://sourceforge.net/apps/trac/ganglia/browser/branches/monitor-web-2.0/TODO, >> I'd like to get the following done before the code freeze: >> >> - Add back the Ganglia logo >> - Provide an easy method for user to add their organization's logo > > In my opinion, the new UI features which write to the file system on the web server (to save view definitions, etc) should require some kind of authentication. Allowing any random user to change the UI's configuration seems like a hole we should fill before releasing. > > Does anyone use the 'private clusters' feature which is implemented in auth.php? Seems like we could use this authentication mechanism, though I did have a few concerns. > - The authentication database is a 'private_clusters' text file, stored in the same directory as auth.php. That means I could take a look at http://site.com/ganglia/private_clusters via my web browser and download the whole list of cluster names & MD5 hashes. > - I'm not a crypto guy, but I believe the MD5 algorithm is now widely considered to be insecure, and not something we should be relying on. http://en.wikipedia.org/wiki/MD5#Security > > Before release, I suggest we: > - Move the private_clusters file outside Apache's DocumentRoot. Maybe @sysconfdir@/private_clusters? > - Update auth.php to use a more secure (but still widely available) hashing algorithm. SHA1 or otherwise? > - Require authentication for actions which can change UI configuration, like creating/altering views, or for any other action which might write user data to the web server's filesystem. > - Support a wildcard cluster name in private_clusters, or a 'root' user, so an admin would only need to define 1 password to be able to edit anything in any cluster. Maybe that's what the 'control' context is for? > > alex > ------------------------------------------------------------------------------ > Xperia(TM) PLAY > It's a major breakthrough. An authentic gaming > smartphone on the nation's most reliable network. > And it wants your games. > http://p.sf.net/sfu/verizon-sfdev > _______________________________________________ > Ganglia-developers mailing list > Gan...@li... > https://lists.sourceforge.net/lists/listinfo/ganglia-developers > |