Comment by quesera
5 days ago
Yikes, I'd strongly discourage unfiltered ingress PAT to your desktop machine.
I know you have acknowledged the decision to entrust nginx with all of your personal data and tax records and bank statements and legal documents and browser history and GitHub credentials and ssh private keys and so on.
But it's still madness. You are one oversight, accident, or bug away from total pwnage.
All of this applies to using your browser and your browser automatically executes code from random sources. If this is your threat model then how are you even posting on HN? Shut down that insecure browser quickly. It is tens of thousands of times more likely to expose your personal data etc etc than nginx.
Running nginx isn't madness. Thinking nginx is more of a risk, or even comparable to, your normal daily browser behavior certainly is.
Go look up the last nginx RCE. I think you'll be in the 2000s for just bare nginx.
You are not educating me in any way. And obviously I don't browse with JavaScript enabled.
We could go back and forth all day about the likelihood of a V8 sandbox escape vs RCE in a big C program. But another risk to consider is a non-obvious misconfiguration. A default server block with a wildcard server name. A stray symlink inside the docroot. An unexpected mount point. A temporary config change that you forget to revert. So many ways to fail...
Regardless, trusting your entire personal data security to a single layer of protection is madness.
Perhaps only exceeded by the logic of "it hasn't happened for a long time, therefore it will never happen again".
Good luck.
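Two of the misconfigurations listed in the comment above (a stray symlink inside the docroot, an unexpected mount point) can be checked mechanically. The following is an added example, not part of any comment in this thread; the function names and the sample directory layout are assumptions constructed for illustration.

```python
import os
import tempfile
from pathlib import Path


def audit_docroot(docroot):
    """Return (kind, path, detail) findings for a web docroot.

    kind is "escaping-symlink" (link resolves outside the docroot)
    or "mount-point" (another filesystem is mounted inside it).
    """
    root = Path(os.path.realpath(docroot))
    findings = []
    # followlinks=False: report symlinks, never walk through them.
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            path = Path(dirpath) / name
            if path.is_symlink():
                # realpath follows the whole chain and tolerates dangling links.
                target = Path(os.path.realpath(path))
                if target != root and root not in target.parents:
                    findings.append(("escaping-symlink", str(path), str(target)))
            elif os.path.ismount(path):
                findings.append(("mount-point", str(path), ""))
    return findings


def build_sample_tree(base):
    """Constructed sample: a docroot with one internal and one escaping symlink."""
    base = Path(os.path.realpath(base))
    docroot = base / "www"
    private = base / "home" / "documents"
    (docroot / "static").mkdir(parents=True)
    private.mkdir(parents=True)
    (docroot / "index.html").write_text("hello")
    (private / "taxes.txt").write_text("constructed sample data")
    # Stays inside the docroot: not reported.
    os.symlink(docroot / "index.html", docroot / "static" / "home.html")
    # Points at a directory outside the docroot: reported.
    os.symlink(private, docroot / "static" / "docs")
    return docroot


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for finding in audit_docroot(build_sample_tree(tmp)):
            print(*finding)
```

Run against the real docroot from cron or a pre-deploy hook, a non-empty result is the signal to investigate before the server is reachable.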
I guess you're right. Humans make mistakes so we should just not have any control where we might make a mistake at all and host all our personal data at large corporations who definitely have our privacy as the #1 priority and never leak. And before you say, "I don't do that, false dichotomy," we're not talking about us, here, it seems. Since we both are obviously huge nerds capable of securing things (I have JS disabled by default too). We're talking about the type of person that runs JavaScript.