2,703
edits
Changes
Jump to navigation
Jump to search
Line 61:
Line 61: − + Line 69:
Line 69: − * IMHO, these 2 are the main security holes in Zynthian. For solving it, we have to:+
→About Zynthian Security
FYI, everything in Zynthian is executed as root user. The Pi user in the new PiOS images have sudo rights, so i don’t see a big security difference between the Gorgona and the PiOS images. PiOS is about automation and evolution, but currently it doesn’t improve security AFAIK.
FYI, everything in Zynthian is executed as root user. The Pi user in the new PiOS images have sudo rights, so i don’t see a big security difference between the Gorgona and the PiOS images. PiOS is about automation and evolution, but currently it doesn’t improve security AFAIK.
Everybody wanting to connect his Zynthian to a “not secure” network (every network not controlled by himself should be considered “not secure” :wink: ) SHOULD CHANGE the default zynthian password. You can do that from the webconf tool.
Everybody wanting to connect his Zynthian to a “not secure” network (every network not controlled by himself should be considered “not secure” ;-) ) '''SHOULD CHANGE the default zynthian password'''. You can do that from the webconf tool.
Also, you have to understand that:
Also, you have to understand that:
* When a MOD-UI layer is created in zynthian, the MOD-UI server run completely open for everybody in the local network.
* When a MOD-UI layer is created in zynthian, the MOD-UI server run completely open for everybody in the local network.
IMHO, these 2 are the main security holes in Zynthian. For solving it, we have to:
# Use HTTPS for webconf tool.
# Use HTTPS for webconf tool.