That is one of the beauties of programs written around standard tools like 
‎sql. You can hook into the database and add features, or not. ;-)

In defense of web interfaces, you can hand off that administration task to 
someone else without granting login access to the server. Or depending on your 
setup, the web interface could be restricted to lan facing only, such as in the 
proposed ddwrt setup. 

It might pay to check out the XMPP pentest tools if what sounds like a total 
rewrite of jabberd is in the works.



  Original Message  
From: brahmann
Sent: Monday, May 30, 2016 8:26 AM
To: jabberd2@lists.xiaoka.com‎
Reply To: jabberd2@lists.xiaoka.com
Subject: Re: Future of jabberd

Agree (web).
I wrote some years ago simple web interface for jabberd2, need to review 
it and rewrite for new one later. Its will be good for those who want it 
but not in jabberd2 code inside.

Using it with mysql and postgresql - works perfectly


wbr, brahmann

On 30.05.2016 16:43, li...@lazygranch.com wrote:
> Regarding item 4, seriously, does everything ‎these days have to have a web 
> interface? It just increases the attack surface. Adding a web interface means 
> one more thing to protect against hackers, which means writing rules for the 
> WAF or adding something else for fail2ban or sshguard to watch.
>
> Most services have a "reload" and "restart" in the service command. It really 
> isn't a burden to use them. The burden is to have yet another means to 
> restart the service.
>
> Personally, I viewed the XML setup as a feature since it is self documenting.
>
> My preference would be for better sqlite support. That is add and delete 
> users from sqlite3 rather than mysql.
>




Reply via email to