You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
OliveTin should be reasonably secure. Here are some security considerations in
the design of the app;
1. Admins have full control over what commands can by run using `config.yaml`.
2. OliveTin does not accept any action (command) arguments by design at the
moment, as this has huge potential for exploitation and needs to be handled
carefully.
3. OliveTin listens on just 1 open public port by default (1337). The rest of
the ports only listen on `localhost` so you don't have to worry about them in
your firewall.
4. Standard Linux controls can be used to run OliveTin as non-root, with `sudo`
permissions if needed. See the action customization section of these docs for
more details.
. Admins have full control over what commands can by run using `config.yaml`. OliveTin does NOT write to the config.yaml in any way.
. OliveTin listens on just 1 open public port by default (1337). The rest of the ports only listen on `localhost` so you don't have to worry about them in your firewall.
. Standard Linux controls can be used to run OliveTin as non-root, with `sudo` permissions if needed. See the action customization section of these docs for more details.
