[tahoe-lafs-trac-stream] [tahoe-lafs] #1535: Allow restricting Tahoe-LAFS gateway to one user
tahoe-lafs
trac at tahoe-lafs.org
Wed Sep 14 10:10:06 PDT 2011
#1535: Allow restricting Tahoe-LAFS gateway to one user
---------------------------------+---------------------------
Reporter: LoneTech | Owner:
Type: enhancement | Status: new
Priority: minor | Milestone: undecided
Component: code-frontend-cli | Version: 1.8.2
Keywords: wui cli socket unix | Launchpad Bug:
---------------------------------+---------------------------
It's fairly easy to limit the node interface, by setting something like:
web.port = unix:/home/$USER/.tahoe/websocket:mode=600
The problem is, web browsers can't connect to it. That much is expected,
but neither can the tahoe CLI. It refuses any node.url that does not begin
with http or https, and I found no way to make it connect to a UNIX
socket.
The downside with a TCP socket is it lets all local users use the
filesystem, even if they can't find your files in it without the caps.
--
Ticket URL: <http://tahoe-lafs.org/trac/tahoe-lafs/ticket/1535>
tahoe-lafs <http://tahoe-lafs.org>
secure decentralized storage
More information about the tahoe-lafs-trac-stream
mailing list