incubator-callback-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Patrick Mueller (Created) (JIRA)" <j...@apache.org>
Subject [jira] [Created] (CB-80) provide ability to limit access to clients and targets via white-list
Date Tue, 29 Nov 2011 16:41:42 GMT
provide ability to limit access to clients and targets via white-list
---------------------------------------------------------------------

                 Key: CB-80
                 URL: https://issues.apache.org/jira/browse/CB-80
             Project: Apache Callback
          Issue Type: New Feature
          Components: weinre
            Reporter: Patrick Mueller
            Assignee: Patrick Mueller


For the weinre server, Marian Ignev created a set of commits to allow client access to be
whitelisted by ip address.  The pull request is [here|https://github.com/callback/callback-weinre/pull/6].

This is new API, so I'd like to have a discussion about the best way to handle it.

The basic API is a new command-line option(s) which provide the white-list of allowed weinre
clients.  If a client not on the white-list tries to connect, the connection is denied.

Some questions:

1) What's the use case?

2) Should the white-list be ip addresses, ip addresses with globs (9.27.*.*), DNS-able names,
???  Separated by commas seems safe.

3) Should we provide this capability for weinre targets as well?  Seems like yes, or at least
pretend like we might want to in the future.  Why wasn't this added in the first place?

4) For future proofing, if we just do the weinre client then the option name should have "client"
in it's name somewhere.

5) There's an impact to performance and security if we do allow DNS-able names.



--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message