Continuing the discussion from D2.2 update:
I’m replying in DREAM to avoid footshooting and leaking security issues
In a second step, maybe @Nemael can have a look, we would send actual messages from file.txt
. I understand all the difficulty it adds in terms of security, so I want to clarify a couple of things. First, we would put this code on expandable machines, that would eventually be deployable from Git if @dvn and I have time to play this card, or for which I would maintain snapshots so we can reset the demo at will in case the VMs are attacked. Then of course, we’d limit the access to these sockets to our controlled sources to contain the attack vector with a firewall. It’s not bullet-proof but it would make a much stronger case for the MR during a demo.
In this case, upsycle-send
would take in an arbitrary message – not only pre-defined commands --, encode it, and send it to the service on one of the available routers. The nature of the message would be a simple “Hello, world.”, and some short RDF (less than a screen length), just to demonstrate.
I’m setting up A, B, and C on three different machines on 3 LANs (and 2 datacenters), and running on 3 OSes (NixOS, Debian, and Alpine Linux). I will provide the setup documentation for each OS.