On Aug 01, 2013 1:54 PM Kevin wrote:
On Thu, Aug 1, 2013 at 11:33 AM, Joel Davidson <email@example.com> wrote:
I know Bruce put some
basic levels of security via passwords into mh, but just how secure
does that make it? I think anyone who puts a misterhouse system on
the internet without additional levels of security is asking for
Completely agree. In my opinion the security within MH is a joke, it is there to prevent authorized users from accidentally ending up where they shouldn't be, but it does a poor job of securing against hackers.
I can’t state this with enough urgency; if someone places MH on an open web server it “will” be hacked. Probably not to run up your electric bill or play poltergeist tricks but rather to turn your system into a spam spewing bot. There are enough remote code execution holes in MH to run a truck through. Someone with the right skills can execute any Perl code they choose through the web server interface. The http server and json server allow a request for any object by “eval”ing the URL parameters; this is a major no-no for a secure system.
I’m not even sure what Kevin has done here is adequate unless he is using SSL between the browser and the apache proxy. If someone sitting in an airport, Starbucks, etc. captures the session and grabs the proxy password then it’s all over. I run an SSL tunnel from my laptop to my outside server/firewall (equivalent to the system where Kevin is running the apache proxy). With the tunnel up I have a routed connection with SSL encryption between my laptop and the inside of my network. Unfortunately this doesn’t work for my iPhone since I don’t have a SSL tunnel app. I think if you could figure out how to use SSL with Kevin’s technique you would have essentially the same level of security but it would work for most any client.
BTW, I hope you all resist the urge to put your electronic door locks on the internet “especially” using some 3rd party service. I live in this world of vendor supplied code placed into open internet access. Vendors, but not my company J, are especially negligent in securing their software; given its closed nature you have no way to analyze the code.