mirror of
https://git.0x0.st/mia/0x0.git
synced 2024-11-22 00:47:12 +01:00
README: Warn users about URL fetch network security implications
This commit is contained in:
parent
c7a728ce84
commit
afb5811879
1 changed files with 14 additions and 0 deletions
14
README.rst
14
README.rst
|
@ -42,3 +42,17 @@ the following:
|
|||
|
||||
* Caffe Python module (built for Python 3)
|
||||
* ``ffmpegthumbnailer`` executable in ``$PATH``
|
||||
|
||||
|
||||
Network Security Considerations
|
||||
-------------------------------
|
||||
|
||||
Keep in mind that 0x0 can fetch files from URLs. This includes your local
|
||||
network! You should take precautions so that this feature cannot be abused.
|
||||
0x0 does not (yet) have a way to filter remote URLs, but on Linux, you can
|
||||
use firewall rules and/or namespaces. This is less error-prone anyway.
|
||||
|
||||
For instance, if you are using the excellent `FireHOL <https://firehol.org/>`_,
|
||||
it’s very easy to create a group on your system and use it as a condition
|
||||
in your firewall rules. You would then run the application server under that
|
||||
group.
|
||||
|
|
Loading…
Reference in a new issue