Why SuperUser can't speak or whisper
#72
Comments
|
The SuperUser is a special account for initial configuration not suitable for regular use (kind of like you wouldn't use the root/Administrator account on your own computer all the time), so this discourages regular use. The proper way to do this, no matter which server implementation you use, is to set up ACLs for registered users with certificates so that you have fine-grained permission control. (But see #71.) I don't know if this fits nicely into your use-case. I guess you're not very keen on registration and certificates, so an alternative is to use access tokens and give that group the required permissions. In that case, as long as they know the token (password), the user can have rights AND be identified as themselves. But it is less secure compared to certificates, of course, because they can in theory be brute-forced. |
|
Thanks @rubenseyer for your reply, and yes, I agree with everything you say and it makes perfect sense. We are using Grumble in Wahay to start a local server and then users can join that server throw the Tor network using onion services. Therefore, in our case it's no a security problem granting all the privileges to the We have a Grumble fork here and if you want to take a look at the Wahay code check it out here. We would appreciate any contribution to the project. |
grumble/pkg/acl/acl.go
Line 95 in 6f8c2bf
I've looking into this code, and found that the
SuperUsercan't talk or whisper and that is strange, so we want to know what is the reason behind this decision.We are using Grumble in Wahay.
The text was updated successfully, but these errors were encountered: