You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This is for the very distant future - a ticket to accumulate all suggestions for Web UI to control AcraServer. Each suggestion will turn into separate issue.
[ ] Enable WebUI via port knocking
[ ] MFA Authenticate WebUI via side channel (OTP delivery integration)
The text was updated successfully, but these errors were encountered:
WebUI is a part of attack surface for crown's jewels, so we need it to be as secure as possible
[ ] Preferably, simple stateless interface
[ ] Typesafe inputs
[ ] OTP
[ ] Run WebUI as a parallel service in parallel user/container: harder to install, at least some compartmentation if attacker does RCE / fallthru
[ ] WebUI <> AcraServer via strong typed API, in a Thrift-like fashion (we will accept your garbage, we just won't process it anywhere).
[ ] IP ACL
This is for the very distant future - a ticket to accumulate all suggestions for Web UI to control AcraServer. Each suggestion will turn into separate issue.
[ ] Enable WebUI via port knocking
[ ] MFA Authenticate WebUI via side channel (OTP delivery integration)
The text was updated successfully, but these errors were encountered: