On Mon, Oct 22, 2018 at 7:11 AM Edward K. Ream <[email protected]> wrote:
> In another thread I wrote: > > "Leo looks like an unverifiable cgi script to the server, which means one > user (or small, *trusted *group of users) must be *fully* responsible for > the damage Leo could cause. It might be possible to host a Leo server in a > per-user (or per-small group) virtual machine somewhere, but that's it. I > see no way to run a public, unsecured, Leo server." > Still true, but imo we can ignore security securities during development, for several reasons: 1. Initial prototyping will be confined to a single machine, mine. Communication between Leo's core and the browser will take place on localhost, just as with mod_http.py, so my firewall should prevent hackers from ever seeing that communication. 2. We only need authentication if we allow remote logins to LeoWapp. We probably will want that eventually, but those details can be ignored for a bit longer. 3. As pointed out in this thread, there are several ways to run LeoWapp in completely separate environment. If someone chooses "12345" for their password, the worst that can happen is that a hacker trashes that environment. This is how I see the situation at present. Let me know if you disagree. It's important to reach agreement on this point now. I have started design work on this project based on these assumptions. I have just created #1005 <https://github.com/leo-editor/leo-editor/issues/1005> for this design work. It supersedes #684 <https://github.com/leo-editor/leo-editor/issues/684> which I have just now closed. Edward -- You received this message because you are subscribed to the Google Groups "leo-editor" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/leo-editor. For more options, visit https://groups.google.com/d/optout.
