Don't trust any client that you put in the hands of someone else. i.e. mobile client, client-side web app, etc. It would take anyone with a packet sniffer 5 seconds to figure out you're using Riak and then they have the Riak docs to step them through how to read/write arbitrary values from your cluster.
On Fri, May 27, 2011 at 3:02 AM, Ben Tilly <[email protected]> wrote: > I would strongly advise you that mobile clients should not be trusted to > access your data directly. Because someone *will* reverse engineer them, > and *will* see what they can see. You really do need an API between your > mobile application and the mobile service. > > I know you think you don't. You're headed down the common path of blocking > things that you know are risky. However decades of experience say very > clearly that allowing requests by default then blocking what is known to be > harmful is a recipe for security disaster. The ONLY sane approach is to > block everything, then allow only what is KNOWN to be safe. Talk to any > security expert than they will agree, you absolutely don't want to hand out > raw access to your data (including inserts and deletes) to untrusted > clients. > > As for your assertion that the cloud just failed for you if you have an API > - nothing could be farther from the truth. A front end API on top of Riak > can be a very thin layer that can run on multiple machines with load > balancing and failover using a variety of standard techniques. > > For your use case you should build an API. Really. > > > On Thu, May 26, 2011 at 11:10 PM, Antonio Rohman Fernandez < > [email protected]> wrote: > >> "In our case, the only nodes that are allowed to hit the Riak cluster are >> those of our applications"... what if your app is more complex than that and >> you have thousands of servers all around the world ( different datacenters, >> different networks ) with crawlers, scanners, blackboxes, etc... all >> communicating with Riak and adding/removing new >> scanners/crawlers/blackboxes/etc... every now and then... quite troublesome >> to set up and maintain a firewall for that. >> >> "It is not recommended that you deploy Riak on the public internet"... >> what if apart from webservers with a web-app i want to build >> iPhone/iPad/Android apps that access Riak directly? one thing i love from >> Riak is its RESTfull architecture, but if i have to build some API somewhere >> for the mobile apps to interact with Riak... well... the 'cloud' paradigm >> just vanished for me... also, i would have a single point of failure on the >> API implementation. >> >> any other suggestions? >> >> Rohman >> >> On Fri, 27 May 2011 01:20:00 -0400, Alexander Sicular <[email protected]> >> wrote: >> >> Hi Rohman, >> >> It is not recommended that you deploy Riak on the public internet. Keep >> all access private and then implement iptables on each individual node >> securing access to upstream clients. >> >> Ports to keep in mind - >> >> http(s) port (8098) >> protocol buffers port (8099) >> epmd (4369) >> forcing the range of ports erlang uses to communicate amongst other erlang >> nodes. >> >> The latter is not part of the default configuration but I think it should >> be. At least commented out in app.config. >> >> Put it right at the top of the config array above the riak_core >> directives like so: >> >> [ >> %% limit dynamic ports erlang uses to communicate >> %% pick some range that works in your environment >> %{kernel, [ >> % {inet_dist_listen_min, 21000}, >> % {inet_dist_listen_max, 22000} >> %]}, >> %% Riak Core config >> {riak_core, [ >> ... >> Cheers, >> >> Alexander Sicular >> @siculars >> http://sicuars.posterous.com >> >> On Friday, May 27, 2011 at 12:55 AM, Antonio Rohman Fernandez wrote: >> >> hello all, >> >> http://IP:8098/riak?buckets=true [ will show all available buckets on >> Riak ] >> http://IP:8098/riak/bucketname?keys=true&props=false [ will show all >> available keys on a bucket ] >> >> to me, this proves a very big security risk, as if somebody discovers your >> Riak server's IP, is very easy to read all the information from it, even if >> you try to obfuscate the buckets/keys... everything is highly readable. >> there is any way to disable those options? like {riak_kv_stat, false} >> hides the /stats page >> >> thanks >> >> Rohman >> >> [image: line][image: logo] <http://mahalostudio.com> *Antonio Rohman >> Fernandez* >> CEO, Founder & Lead Engineer >> [email protected] *Projects* >> MaruBatsu.es <http://marubatsu.es> >> PupCloud.com <http://pupcloud.com> >> Wedding Album <http://wedding.mahalostudio.com>[image: line] >> >> _______________________________________________ >> riak-users mailing list >> [email protected] >> http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com >> >> -- >> >> [image: line][image: logo] <http://mahalostudio.com> *Antonio Rohman >> Fernandez* >> CEO, Founder & Lead Engineer >> [email protected] *Projects* >> MaruBatsu.es <http://marubatsu.es> >> PupCloud.com <http://pupcloud.com> >> Wedding Album <http://wedding.mahalostudio.com>[image: line] >> >> >> _______________________________________________ >> riak-users mailing list >> [email protected] >> http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com >> >> > > _______________________________________________ > riak-users mailing list > [email protected] > http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com > >
_______________________________________________ riak-users mailing list [email protected] http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com
