@@ -2,7 +2,7 @@ Threats against a rented service server:
...
@@ -2,7 +2,7 @@ Threats against a rented service server:
Threat 0 : Usability over security
Threat 0 : Usability over security
0a) Ssh must be reachable from the outside on all machines, as admins need to log as root
0a) Ssh must be reachable from the outside on all machines, as admins need to log as root
Ergo : As All services are required in some normal circumstances, most machines will have two or more services reachable from the outside
Ergo : As all different services may be required in normal circumstances, most machines will have two or more services reachable from the outside
(In the future, there could be one ssh-only port forwarded machine on the LAN to act as an admin proxy, with other ssh services only available on the LAN)
(In the future, there could be one ssh-only port forwarded machine on the LAN to act as an admin proxy, with other ssh services only available on the LAN)
0b) All non-root users are assumed "public access", either for missions or for open-source scripts
0b) All non-root users are assumed "public access", either for missions or for open-source scripts
Ergo : close-sourced scripts should use root access
Ergo : close-sourced scripts should use root access
