johnlauer
Minor omission in Startup Script for Linux (readme.md)
In order to add it to init.d and get it up and running, one command is missing:
$ cd /etc/init.d $ sudo chmod 755 ./serial-port-json-server
Since I am just a noob with linux stuff (read: mostly copy & paste ;-) ), I am not 100% sure if 755 is the best choice or other things might be missing. Without it, I get a not executable error msg. Source: https://nelsontrujillo.com/2015/06/03/controlling-the-cnc-with-raspberry-pi/
Serial Port Json Server runs as root in that config. It also allows remote hosts to request arbitrary scripts to be run. These two together mean anyone who gets on your network can trivially root your box. I would edit your crontab file to restrict what user
Added exec and execruntime commands. The exec command lets you simply execute any command on the host operating system as if you were logged in at the command line. This is similar to the program command which essentially was executing a command on the command line. However, now you can do any command you want. Make sure your host OS is behind a firewall as this method opens up your device to any command being executed on it. Changes in 1.86
Still doesn't look like this has been behind a commandline switch
You can’t do any command line command anymore without specifying user/password.
From: Daniel [mailto:[email protected]] Sent: Thursday, February 23, 2017 8:40 AM To: johnlauer/serial-port-json-server [email protected] Cc: Subscribed [email protected] Subject: Re: [johnlauer/serial-port-json-server] Minor omission in Startup Script for Linux (readme.md) (#58)
Serial Port Json Server runs as root in that config. It also allows remote hosts to request arbitrary scripts to be run. These two together mean anyone who gets on your network can trivially root your box. I would edit your crontab file to restrict what user
Added exec and execruntime commands. The exec command lets you simply execute any command on the host operating system as if you were logged in at the command line. This is similar to the program command which essentially was executing a command on the command line. However, now you can do any command you want. Make sure your host OS is behind a firewall as this method opens up your device to any command being executed on it. Changes in 1.86
Still doesn't look like this has been behind a commandline switch
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHubhttps://github.com/johnlauer/serial-port-json-server/issues/58#issuecomment-282047051, or mute the threadhttps://github.com/notifications/unsubscribe-auth/AA8jlRwAWbsWTYIEBb_L7AFJrUf2lOtnks5rfbZlgaJpZM4Ln2Mh.
