Add authentication #47

Open
samyk opened this issue Mar 17, 2016 · 5 comments

samyk commented Mar 17, 2016

John, awesome project! This has been working great so far.

As the project grows, more and more users are going to be running this on public IPs so they can reach their CNC mill at home. The day will come when someone uses shodan.io or similar to find all (publicly accessible) SPJS servers and mass-carves something bad into everyone's waste board! Especially as more people run it on RasPis and port forward so they can access their cam/mill/etc remotely.

Wanted to start considering an authentication feature to prevent this. Some requirements I think would be good:

  • on by default (config option to turn it off)
  • generates a strong, random password for the user upon first startup and provides it in the console
  • passwords are hashed using strong hash+salt (eg bcrypt)
  • stores the user/hashed password(s) in a simple text file (config file time?)
  • in web interface, remember username/password forever by default so user never needs to log in again (not part of SPJS technically)
  • optional mode (NOT on by default) to not require passwords for the same subnet (eg, their LAN, based off of ifconfig/ip settings)
  • optional mode (NOT on by default) to not require passwords at all
  • option to flush/reset passwords

Thoughts? Happy to possibly implement this myself as well but wanted to work out the requirements and get your ideas.
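
A sketch of the requirements listed above, added here as an example and not code from SPJS or from anyone in this thread. Python's standard-library scrypt stands in for the bcrypt suggestion, and the file name `spjs_users.txt`, the `admin` user, the mode names and the LAN range are all hypothetical.

```python
import hashlib, hmac, ipaddress, os, secrets

# scrypt from the standard library stands in for bcrypt (assumption).
KDF = dict(n=2**14, r=8, p=1, dklen=32, maxmem=2**26)

def _digest(password: str, salt: bytes) -> bytes:
    return hashlib.scrypt(password.encode(), salt=salt, **KDF)

def ensure_credentials(path: str, user: str = "admin"):
    """First startup: write user:salt:hash and return the generated
    password so it can be shown once on the console. Otherwise None."""
    if os.path.exists(path):
        return None
    password = secrets.token_urlsafe(18)   # 144 random bits
    salt = secrets.token_bytes(16)
    # O_EXCL + 0600: never overwrite, readable by the service user only
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as f:
        f.write(f"{user}:{salt.hex()}:{_digest(password, salt).hex()}\n")
    return password

def verify(path: str, user: str, password: str) -> bool:
    with open(path) as f:
        for line in f:
            name, salt, stored = line.strip().split(":")
            if name == user:
                candidate = _digest(password, bytes.fromhex(salt))
                return hmac.compare_digest(candidate, bytes.fromhex(stored))
    return False

def reset_credentials(path: str, user: str = "admin") -> str:
    """Flush the stored hash and issue a fresh generated password."""
    if os.path.exists(path):
        os.remove(path)
    return ensure_credentials(path, user)

def auth_required(client_ip: str, mode: str = "always",
                  lan: str = "192.168.1.0/24") -> bool:
    """'always' is the default; 'lan-exempt' and 'off' are opt-in.
    Any unrecognised mode falls through to requiring authentication."""
    if mode == "off":
        return False
    if mode == "lan-exempt":
        return ipaddress.ip_address(client_ip) not in ipaddress.ip_network(lan)
    return True

if __name__ == "__main__":
    pw = ensure_credentials("spjs_users.txt")   # hypothetical file name
    print("generated password:", pw or "(already set)")
```

The LAN exemption trusts the peer address of the connection; behind a reverse proxy every client appears to come from the proxy's address, so that mode should stay off there.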

@chilipeppr
Collaborator

One core thought has been to not have SPJS handle authentication but rather
have it handled at an alternate/higher layer. Memcache works this way with
no password management and it's a hugely popular server. The model is to
let the firewall handle the security.

However, I think authentication would be cool to even have the CP cloud
know that you have SPJS running so that CP can auto connect to your SPJS
rather than having you scan your subnet.

I would just go with Google's authentication and follow suit exactly with
how I did CP's login system.



DanielJoyce commented Feb 23, 2017

They can do more than that.

Added exec and execruntime commands. The exec command lets you simply execute any command on the host operating system as if you were logged in at the command line. This is similar to the program command which essentially was executing a command on the command line. However, now you can do any command you want. Make sure your host OS is behind a firewall as this method opens up your device to any command being executed on it. Changes in 1.86

In the recommended install and init scripts, SPJS runs as root! If it is on a public facing IP, a remote attacker effectively has root access to the box and can do anything they want!

exec rm -rf / for example. Or create a login account with root credentials.

MEMCACHED doesn't let you run arbitrary system commands.

Owner

johnlauer commented Feb 23, 2017 via email


DanielJoyce commented Feb 23, 2017

I don't think you grasp how incredibly unsafe this is. You're asking every user out there to ensure they have NAT and a firewall set up properly on their home network.

What happens if someone goes to makerfaire or their makerspace with SPJS and their 3D printer and forgets that when they have it running, they effectively are broadcasting root access to their box?

Collaborator

chilipeppr commented Feb 23, 2017 via email
