diff options
| author | s-ol <s-ol@users.noreply.github.com> | 2019-10-30 10:38:13 +0000 |
|---|---|---|
| committer | s-ol <s-ol@users.noreply.github.com> | 2019-10-30 10:38:13 +0000 |
| commit | 4f5c88bd322614d9bb3a06d53eedbaa1d710495d (patch) | |
| tree | 8e80c043881f5daaabf6fe2b3f408e3129674998 /root | |
| parent | make security vulnerabilities optional, remove sandbox (diff) | |
| download | mmm-4f5c88bd322614d9bb3a06d53eedbaa1d710495d.tar.gz mmm-4f5c88bd322614d9bb3a06d53eedbaa1d710495d.zip | |
add ba_log 2019-10-29
Diffstat (limited to 'root')
| -rw-r--r-- | root/articles/mmmfs/ba_log/2019-10-29/text$markdown.md | 38 | ||||
| -rw-r--r-- | root/articles/mmmfs/ba_log/2019-10-29/video/video$mp4.mp4 | bin | 0 -> 3944233 bytes |
2 files changed, 38 insertions, 0 deletions
diff --git a/root/articles/mmmfs/ba_log/2019-10-29/text$markdown.md b/root/articles/mmmfs/ba_log/2019-10-29/text$markdown.md new file mode 100644 index 0000000..9656562 --- /dev/null +++ b/root/articles/mmmfs/ba_log/2019-10-29/text$markdown.md @@ -0,0 +1,38 @@ +Today i implemented updating/saving content in the server, and bridged the feature to the client. +In the inspector there is now a `save changes` button that (attempts to) save the content on +the server's filesystem \[[`4b8d9be`][4b8d9be]\]. + +<mmm-embed path="video" nolink>demonstration of editing and persistantly saving facet</mmm-embed> + +Originally I wanted to create a `sandbox` fileder that was to be edited by any one online \[[`d9eafa2`][d9eafa2]\]. +I restricted editing to only fileders underneath `/sandbox`, but then upon publishing quickly realized +that this left open a major security vulnerability, since content can be evaluated on server or client: +if a client were to create a facet `exploit: text/lua -> text/plain` with the following content in the root: + +```lua +pass = io.open('/etc/passwd', 'r') +return pass:read("*all") +``` + +...and then request that facet as converted to `text/plain` (`GET /exploit: text/plain`), +then that Lua code would be executed on the server, and return the confidential `passwd` file on the server. +This basically meant handing anyone online full unconditionaly access to my server +(or at least the VM running the website, and potentially options to escalate from there). + +As a result I had to choose to either disable public editing, or disable server-side code execution. +Because server-side execution is a major feature of mmmfs, I settled for the following compromise \[[`1e3b0a1`][1e3b0a1]\]: + +- when developing and running locally, editing and code execution are both enabled in 'unsafe mode' +- on https://ba.s-ol.nu, editing is disabled but code execution is possible +- on https://sandbox.s-ol.nu, editing is enabled but code server-side code execution is disabled + +The Sandbox can now be found at the following address, at least until the thesis project is concluded: + +# [`sandbox.s-ol.nu`](https://sandbox.s-ol.nu) + +Currently it is only possible to edit existing facets, +but creation and deletion of facets and fileders should be implemented soon. + +[4b8d9be]: https://git.s-ol.nu/mmm/commit/4b8d9be10e4517114c0c216fa24aaaa310503d4a/ +[d9eafa2]: https://git.s-ol.nu/mmm/commit/d9eafa21ad1d6ad340b5744d69e9fc68ce2083cb/ +[1e3b0a1]: https://git.s-ol.nu/mmm/commit/1e3b0a12060dce916b686921c94520202c4cb130/ diff --git a/root/articles/mmmfs/ba_log/2019-10-29/video/video$mp4.mp4 b/root/articles/mmmfs/ba_log/2019-10-29/video/video$mp4.mp4 Binary files differnew file mode 100644 index 0000000..162d0fc --- /dev/null +++ b/root/articles/mmmfs/ba_log/2019-10-29/video/video$mp4.mp4 |
