Additional protection for web interface (access control) #75
Comments
dergigi
added
enhancement
dergigi
modified the milestones:
v0.0.3 - Join the Market,
v0.0.4 - User Friendliness Go Up!
|
I'm not sure how critical this is, i.e. if we should implement this for v0.0.3 or move it to the next version. On the one hand, every wallet is protected by a password, but on the other hand, that password is set by the user and might be really bad and easily brute-forced. Thoughts @dnlggr @theborakompanioni @dennisreimann? |
Since we are proxying requests and therefore exposing the server api, we have a responsibility here. In umbrel we can make use of
As far as I understand, most of the work for this has to be done in the runtime environment (e.g. web server - nginx in our case), but we need at least a mode in the ui (e.g. with a build flag) where we ask for a password on the very first screen (before loading the wallets) and include it in every request.. did I understand that correctly? However.. can we use a |
See joinmarket-webui/jam-docker#12 |
|
ghcr.io/joinmarket-webui/joinmarket-webui-dev-standalone has been uploaded and is used in #99. 🚀 |
Issue raised by Mr. Kukks and briefly discussed in Call 8.
The Web UI endpoint might be exposed publicly, e.g. via Umbrel, since everything that runs on Umbrel might be exposed and accessible via
<public-ip>- so anyone might go to<public-ip>/joinmarketand access the interface.By default, all wallets are password protected and locked, so this might not be as critical as one might think at first, but some access control might be good in any case. See RTL, Thunderhub, et. al. They all have the same problem and solve it in a similar way.
This Umbrel announcement might be relevant: https://community.getumbrel.com/t/umbrel-0-4-8-is-out-with-cryptographically-secure-default-app-passwords/4696
The text was updated successfully, but these errors were encountered: