Uploaded image for project: 'GPII - Global Public Inclusive Infrastructure'
  1. GPII - Global Public Inclusive Infrastructure
  2. GPII-3078

Remove all services exposed via localhost in local deployments

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None

      Description

      As we start to roll out pilots on hardware that is not owned by, we should audit all of the HTTP and WebSockets endpoints exposed by the architecture, and make sure that 

      i) at the very least, they only listen on localhost interfaces,

      ii) preferably, remove them in a production configuration and replace them with either IPC or direct function calls.

      Our HTTP-based user listener interface was primarily intended for development purposes - both for ourselves, and as an assistance to people developing new varieties of user listener.

       

      Currently known services:

      i) user listeners

      ii) the PSP channel

      iii) the "browser channel"

        Attachments

          Activity

            People

            • Assignee:
              cli@ocad.ca Cindy Qi Li
              Reporter:
              amb26 Antranig Basman
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: