[Noisebridge-discuss] Unlocking the door via SMS

Jeffrey Malone ieatlint at tehinterweb.com
Thu Mar 11 01:53:08 UTC 2010


Note that you can also take apache out of the picture.  In the default
path on pony is a script called "opengate".  When executed, it opens
the gate.

If you look at the script, it's a very simple item that just SSHs into
another box and runs a command... you can implement what the script
does, or simply execute the script if you'd like.  The script at the
URL on pony uses the "opengate" script...

Jeffrey

On Wed, Mar 10, 2010 at 5:35 PM, Micah Lee <micahflee at gmail.com> wrote:
> The script doesn't log anything right now, but it does display verbose
> info when someone sends a new text message. It would be easy to change
> that to only contain the contents of the message and the time, and not
> include the phone number or the SMS ID number. And you can do lots of
> stuff with pygooglevoice, like delete SMS messages after they've been
> processed. I think that's about as much removing logs as we can do.
>
> On Wed, Mar 10, 2010 at 5:25 PM, Jonathan Lassoff <jof at thejof.com> wrote:
>> Whomever has access to an account on pony that is either UID 0, or is in
>> the "adm" group.
>> Only a few people, but who knows what unknown root access there is to
>> this machine.
>>
>> It seems like pony is keeping copious apache logs. Logrotate is
>> configured to keep 52 rolled-out copies of logs on pony.
>
> Since the script doesn't actually log anything itself, people with
> root actually won't have access to the logs. And as far as apache logs
> are concerned, each time someone sends an SMS to unlock the door, the
> IP in the apache logs will be 127.0.0.1, since pony itself will send
> the request.
>
> And also, in terms of keeping really stripped down logs, this stuff
> might help: http://dev.riseup.net/privacy/
>
> micah
> _______________________________________________
> Noisebridge-discuss mailing list
> Noisebridge-discuss at lists.noisebridge.net
> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
>



More information about the Noisebridge-discuss mailing list