If the server is a localhost, both client and server can be on the same machine. See openROV for examples https://github.com/OpenROV
On Wednesday, February 12, 2014 7:45:08 AM UTC+11, Jake Swensen wrote: > > I'm new to web applications as well, hence the question. Clarification > question: When using the web sockets protocol, the client and server are > running on two different pieces of hardware, correct? If so, that's great, > because this is the general direction I am heading in with this exercise, > however (and I should have been clear on this) my current situation is that > I am hosting the php page on the bbb in the /home/ubuntu/public_html folder > with the binary executable in that folder as well. In this case, would it > be best to do what Rusty suggested and create a group with write > permissions to the device nodes and a udev rule that set up the devices to > have write permission by that group? > > I would like to explore both options. After a quick Google search on web > sockets, I came across libwebsockets. Would this project implement the web > socket protocol you mentioned? > > Any suggested reading material (even if I need to buy it) would also be > appreciated. > > Thanks again! > Jake > > On Tuesday, February 11, 2014 4:16:47 AM UTC-6, Jack Mitchell wrote: >> >> On 10/02/14 21:34, William Hermans wrote: >> > Jack, >> > >> > Ok perhaps I am missing something, and I by no means mean to be >> > adversarial here. I am just curious, so If i am missing something >> > please feel free to enlighten me. >> > >> > What is the difference between using setuid(0) and having a web socks >> > app running the app ? >> >> The web socket doesn't run the app, the app is always running, probably >> started as a daemon from the init system, and accepts messages from the >> web socket. Therefore there is no direct execution of a setuid binary >> from the web interface. >> >> > Here is my thinking. If you write the app/service >> > correctly, all anyone is going to be able to do is switch on / off an >> > LED. Yes, perhaps you do not want *EVERYONE* doing this, but how will >> > this solution solve that specific problem ? Unless I am missing >> > something . . . nothing can, short of having a user login screen for >> the >> > web interface. >> >> The issue isn't really with _who_ turns the LED on and off, that is a >> application specific decision. The issue is with the ability to control >> and execute a setuid binary from a possibly insecure, maybe even on the >> open web application. >> >> Cheers, >> >> -- >> Jack Mitchell ([email protected]) >> Embedded Systems Engineer >> Cambridgeshire, UK >> http://www.embed.me.uk >> -- >> > -- For more options, visit http://beagleboard.org/discuss --- You received this message because you are subscribed to the Google Groups "BeagleBoard" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
