[mythtv] MythWeb
tortise
tortise at paradise.net.nz
Sat Feb 1 22:19:13 UTC 2014
On 31/01/2014 8:03 a.m., Jay Ashworth wrote:
> ----- Original Message -----
>> From: "Jean-Yves Avenard" <jyavenard at gmail.com>
>
>>> I don't think that was the point Jay was making. If you take over
>>> port 80,
>
>> Why would you need to take over port 80?
>
> Let's skip the strawmen, and cut to the chase, shall we?
>
> "If the MythTV backend core is replying to HTTP requests coming from the
> Internet at large, it's bugs become security bugs, which could lead to
> an attack by whatever user Mythbackend runs as. If that's root, you could
> lose the whole machine, not just the recordings."
>
> Doesn't matter which port you have it on.
What about remote access to a pc (then to a browser) on the LAN from
anywhere, and bypass the question of the need for supersecurity on the
backend webserver/service at all (and keep development time on the best
value add)?
More information about the mythtv-dev
mailing list