
Author Topic: Protecting from plugins?  (Read 1671 times)

Offline patrick

Protecting from plugins?
« on: November 02, 2012, 01:49:45 am »
I just started looking at how the device is secured, and noticed that everything except dnsmasq is running as root.  The first plugin I looked at (Wake on Lan) passes the MAC on to a binary running as root with no data sanitation.

At this point, it doesn't look like there's any protection from a malicious user (or app) on the LAN side of the Vera.  Without any privilege separation, I'm better off controlling access to the Vera itself, rather than trying to harden plugins.  Is there any plan to change this in the future?

This might be a good reason for me to go back to double NAT.  None of the wireless (or wired) clients would be on the same subnet.  That would force all clients to at least authenticate to cp.mios.com first, but would slow actions down.
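
Added example (not part of the original post, and not Vera or plugin code): a sketch of the input handling the Wake on Lan case above lacks, where the MAC is parsed strictly before anything privileged sees it. The helper path `/usr/bin/wol-helper` and all function names are hypothetical, and the sample inputs are constructed.

```python
import re

# Strict form: exactly six hex octets separated by ':' or '-', nothing else.
_MAC_RE = re.compile(r"(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2}")


def parse_mac(text):
    """Return the 6 raw bytes of a MAC address, or raise ValueError.

    fullmatch() rejects leading/trailing data (including a trailing
    newline), so shell metacharacters can never ride along with the value.
    """
    if not isinstance(text, str) or not _MAC_RE.fullmatch(text):
        raise ValueError("not a MAC address")
    return bytes.fromhex(text.replace(":", "").replace("-", ""))


def magic_packet(mac_text):
    """Build the Wake-on-LAN payload in-process: 6 x 0xFF, then MAC x 16.

    Building the packet here means the untrusted string is never handed
    to an external binary at all.
    """
    return b"\xff" * 6 + parse_mac(mac_text) * 16


def wol_argv(mac_text, helper="/usr/bin/wol-helper"):
    """Build an argument vector for a helper binary (hypothetical path).

    The MAC is re-serialised from the parsed bytes, so the helper only
    ever receives a canonical value. Run the list with
    subprocess.run(argv) and never with shell=True.
    """
    mac = parse_mac(mac_text)
    return [helper, ":".join(f"{b:02x}" for b in mac)]
```

This narrows what a plugin forwards to a root process; it does not replace the network-level access control discussed in the thread.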

Offline futzle

Re: Protecting from plugins?
« Reply #1 on: November 02, 2012, 02:42:24 am »
> Without any privilege separation, I'm better off controlling access to the Vera itself, rather than trying to harden plugins.

Darn right you are.  MiOS is built on top of OpenWrt, which historically does most things as root (so it's not really MCV's fault).  Also UPnP doesn't care much for authentication/authorization, so you've got no security there either (again, not MCV's fault).  You'll find many posts from me littered around the place with the word "subnet" in them.  Find them by searching so I don't have to repeat myself.

Let us know if double NAT works.  I've got a suspicion that it won't; cp.mios.com will see that both come from the same global IPv4 (upstream NAT) and insist on passing you through to the local address, unaware that the downstream NAT prevents clients from seeing Vera.