[volunteergrid2-l] Making our web-facing gateways NOT a rope around our necks
Zooko O'Whielacronx
zooko at zooko.com
Wed Feb 9 10:48:53 PST 2011
On Mon, Feb 7, 2011 at 2:58 PM, Jody Harris <jharris at harrisdev.com> wrote:
> I see now that the problem with web/welcome.xhtml is that it exposes the
> introducer furl, which can be remedied easily enough be removing ~10 lines
> of code.
Yes, but that's not the only way to find an introducer. Another way is
if you know or guess the IP address and port number of the introducer.
Hence Brian's comments in:
http://tahoe-lafs.org/trac/tahoe-lafs/ticket/860#comment:6
> There still remains the problem with the uri .... interface, which exposes
> the ability to store files into the grid even if the forms were removed from
> the welcome.xhtml interface.
Yes. Making it possible to control who can upload how much data to
which storage servers is the subject of the "accounting" project that
Brian is currently working on. His next step on that project is
http://tahoe-lafs.org/trac/tahoe-lafs/ticket/466 .
> So, really Tahoe-LAFS does not support sharing files unless the owners are
> willing to expose their full grid to the world.
It depends on what you mean by "expose their full grid". Also it
depends on what you mean by "the world". :-) To be more precise, I
would say: Tahoe-LAFS currently does not support sharing data with a
user while withholding from that user the ability to upload their own
data.
In practice people currently implement this by running a proxy in
front of the web gateway, for example:
http://volunteergrid.org/uri/URI%3ADIR2-RO%3A4sd6gm5l5735dw4gxahiv3cv3y%3Ai2silbemg7i74zrhc2mgktbcnwjydxqihiqcxhdjqolwunkxde3a/Latest/
> Solutions to this problem
> would necessarily be workarounds outside the use case of the Tahoe-LAFS
> developers.
It is an intended near-future use case! Until then I recommend the
proxy approach, which seems to work for most users.
Regards,
Zooko
More information about the volunteergrid2-l
mailing list